gozi_ifsb | b5a82f358804fb1b59046aaba192e8159c806b627aa63a648b210c88e02f38ab | Triage

Submit
Reports

Overview

overview

Static

static

fatti_12.01.2020.doc

windows7_x64

8

fatti_12.01.2020.doc

windows10_x64

Sharing

General

Target

fatti_12.01.2020.doc
Size

91KB
Sample

201203-8ptpfz9mv2
MD5

01d08478561aed72242e32f692701293
SHA1

0da6033daef2c2db0da17c51b8620c9cec3c1477
SHA256

b5a82f358804fb1b59046aaba192e8159c806b627aa63a648b210c88e02f38ab
SHA512

e065eff23943ff8618704e866da6cb7759d3b19701085f5cc24eccbf790421907da1c66b87f4ea2b979b736f2d5ded97daa13da7560a94b4cea2b2bc31cb1542

Score

10^/10

gozi_ifsb banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

fatti_12.01.2020.doc

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

fatti_12.01.2020.doc

Resource

win10v20201028

gozi_ifsb banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  fatti_12.01.2020.doc
- Size
  
  91KB
- MD5
  
  01d08478561aed72242e32f692701293
- SHA1
  
  0da6033daef2c2db0da17c51b8620c9cec3c1477
- SHA256
  
  b5a82f358804fb1b59046aaba192e8159c806b627aa63a648b210c88e02f38ab
- SHA512
  
  e065eff23943ff8618704e866da6cb7759d3b19701085f5cc24eccbf790421907da1c66b87f4ea2b979b736f2d5ded97daa13da7560a94b4cea2b2bc31cb1542
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

gozi_ifsbbankertrojan

© 2018-2024

Terms | Privacy