Overview

overview

10

Static

static

0pz1on1.dll

windows7_x64

10

0pz1on1.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0pz1on1.dll

  • Size

    539KB

  • Sample

    201119-lw4gbgwzes

  • MD5

    3bd94cd9d5af80967956a0c2789bf180

  • SHA1

    7d0b946bfa133ec9c10cb1cca0007139597b2011

  • SHA256

    e9b8536f66aa5222f1979fea40b25b83f2acb487a0ab61a76378a2128efc0420

  • SHA512

    610e44c03c8a7ec8a59825a32ec349576474abd4888aed3efcf89799c020b53d89d4ab0309aa78452bbdf9f7b2fe463c312d8c18e2901d8335c4df02df73cddc

Score
10/10
gozi_ifsbursnifbankertrojan

Malware Config

Targets

    • Target

      0pz1on1.dll

    • Size

      539KB

    • MD5

      3bd94cd9d5af80967956a0c2789bf180

    • SHA1

      7d0b946bfa133ec9c10cb1cca0007139597b2011

    • SHA256

      e9b8536f66aa5222f1979fea40b25b83f2acb487a0ab61a76378a2128efc0420

    • SHA512

      610e44c03c8a7ec8a59825a32ec349576474abd4888aed3efcf89799c020b53d89d4ab0309aa78452bbdf9f7b2fe463c312d8c18e2901d8335c4df02df73cddc

    Score
    10/10
    gozi_ifsbbankertrojanursnif

    • Gozi, Gozi IFSB

      Gozi ISFB is a well-known and widely distributed banking trojan.

      bankertrojangozi_ifsb

    • Ursnif, Dreambot

      Ursnif is a variant of the Gozi IFSB with more capabilities.

      bankertrojanursnif
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks