gozi_ifsb | 8a6d1c13983162c59ba681bcbad0b8c0b9cbf87fb06750125bb97172b7206605 | Triage

Submit
Reports

Overview

overview

Static

static

c0nnect1on.dll

windows7_x64

c0nnect1on.dll

windows10_x64

Sharing

General

Target

c0nnect1on.dll
Size

185KB
Sample

201123-hm9ecjtr12
MD5

f513e66221bb1f41b136bb57f6ac6f8a
SHA1

fab7b5327f30fc454d1a3e6abbcecafdfc6a8c94
SHA256

8a6d1c13983162c59ba681bcbad0b8c0b9cbf87fb06750125bb97172b7206605
SHA512

335b851323baf63929faf999912e6efbaac281da0a67eec1cb1eb8d3e348674b441ec5747ae788c686ec5ece3205e4bb52fb7535be90a104f3d81cbf90921f8d

Score

10^/10

gozi_ifsb banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

c0nnect1on.dll

Resource

win7v20201028

gozi_ifsb banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c0nnect1on.dll

Resource

win10v20201028

gozi_ifsb banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  c0nnect1on.dll
- Size
  
  185KB
- MD5
  
  f513e66221bb1f41b136bb57f6ac6f8a
- SHA1
  
  fab7b5327f30fc454d1a3e6abbcecafdfc6a8c94
- SHA256
  
  8a6d1c13983162c59ba681bcbad0b8c0b9cbf87fb06750125bb97172b7206605
- SHA512
  
  335b851323baf63929faf999912e6efbaac281da0a67eec1cb1eb8d3e348674b441ec5747ae788c686ec5ece3205e4bb52fb7535be90a104f3d81cbf90921f8d
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2

gozi_ifsbbankertrojan

© 2018-2024

Terms | Privacy