gozi_ifsb | 25fa4b41fd1dcce52bc1cc097a454b7aa2a9ce67afbfe70e8128a71690fbd41d | Triage

Submit
Reports

Overview

overview

Static

static

c0nnect1on.dll

windows7_x64

c0nnect1on.dll

windows10_x64

Sharing

General

Target

c0nnect1on.dll
Size

182KB
Sample

201123-apra125xc2
MD5

d2784b2347ff0a6cc3d4e398a7e9e416
SHA1

3a05e5800dfd69d7c94e1755557c36032f73b31a
SHA256

25fa4b41fd1dcce52bc1cc097a454b7aa2a9ce67afbfe70e8128a71690fbd41d
SHA512

5cf7db9a7373b57b583a758c4168bafdc3fd116f8830fa24945a629942c1c7440e72d350febbded1a5a78bfce589248d05fc6a7bd1fd581354c6a12ec381d944

Score

10^/10

gozi_ifsb banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

c0nnect1on.dll

Resource

win7v20201028

gozi_ifsb banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c0nnect1on.dll

Resource

win10v20201028

gozi_ifsb banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  c0nnect1on.dll
- Size
  
  182KB
- MD5
  
  d2784b2347ff0a6cc3d4e398a7e9e416
- SHA1
  
  3a05e5800dfd69d7c94e1755557c36032f73b31a
- SHA256
  
  25fa4b41fd1dcce52bc1cc097a454b7aa2a9ce67afbfe70e8128a71690fbd41d
- SHA512
  
  5cf7db9a7373b57b583a758c4168bafdc3fd116f8830fa24945a629942c1c7440e72d350febbded1a5a78bfce589248d05fc6a7bd1fd581354c6a12ec381d944
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2

gozi_ifsbbankertrojan

© 2018-2024

Terms | Privacy