gozi_ifsb | d743387d62adc05ac35ae35b11f8a68ad04d9be0ed811ebd3169b740dbf9cdb0 | Triage

Submit
Reports

Overview

overview

Static

static

statistica...20.doc

windows7_x64

8

statistica...20.doc

windows10_x64

Sharing

General

Target

statistica_12.01.20.doc
Size

91KB
Sample

201203-1hq5rljsms
MD5

9ff7d72eb0f967be41fafb65cbe23e52
SHA1

b05b58be65a18493826cc9a1e8478491221cd940
SHA256

d743387d62adc05ac35ae35b11f8a68ad04d9be0ed811ebd3169b740dbf9cdb0
SHA512

85c7390d38219ddf2cdb34c44522615cb0bc73c4b58da28a5b5bb54a9d32a8014a94209f779cd41ab7082cfb7119359098a5a51dbec32015523953d426001a74

Score

10^/10

gozi_ifsb banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

statistica_12.01.20.doc

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

statistica_12.01.20.doc

Resource

win10v20201028

gozi_ifsb banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  statistica_12.01.20.doc
- Size
  
  91KB
- MD5
  
  9ff7d72eb0f967be41fafb65cbe23e52
- SHA1
  
  b05b58be65a18493826cc9a1e8478491221cd940
- SHA256
  
  d743387d62adc05ac35ae35b11f8a68ad04d9be0ed811ebd3169b740dbf9cdb0
- SHA512
  
  85c7390d38219ddf2cdb34c44522615cb0bc73c4b58da28a5b5bb54a9d32a8014a94209f779cd41ab7082cfb7119359098a5a51dbec32015523953d426001a74
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

gozi_ifsbbankertrojan

© 2018-2024

Terms | Privacy