gozi_ifsb | 8e7b6ffa64cd7b22346a1a1ebe7b72de960aa38180047f07f8b6ed491e2bbeeb | Triage

Sharing

General

Target

xspcd8.dll
Size

465KB
Sample

201203-be1ebr7zya
MD5

370a6be32886a2409fe442f7b0992217
SHA1

453fc148bec1b6367d0c52e6c45309331ca486b3
SHA256

8e7b6ffa64cd7b22346a1a1ebe7b72de960aa38180047f07f8b6ed491e2bbeeb
SHA512

431a7e17749c3fec8a4db3c4eb1edc75e434fa3fd9f239692642aeeabda19f3376caf18eb03732b8bc455967726e61e2e56b9405855a385b1a532c96601d9e53

Score

10^/10

gozi_ifsb banker trojan

Malware Config

Targets

- Target
  
  xspcd8.dll
- Size
  
  465KB
- MD5
  
  370a6be32886a2409fe442f7b0992217
- SHA1
  
  453fc148bec1b6367d0c52e6c45309331ca486b3
- SHA256
  
  8e7b6ffa64cd7b22346a1a1ebe7b72de960aa38180047f07f8b6ed491e2bbeeb
- SHA512
  
  431a7e17749c3fec8a4db3c4eb1edc75e434fa3fd9f239692642aeeabda19f3376caf18eb03732b8bc455967726e61e2e56b9405855a385b1a532c96601d9e53
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

gozi_ifsbbankertrojan