gozi_ifsb | 9f672ebe0fc031e49ca0cec79553f8291ca44fb150adb6346c8fb7f78ef674fa | Triage

Submit
Reports

Overview

overview

Static

static

dettare-12...20.doc

windows7_x64

dettare-12...20.doc

windows10_x64

Sharing

General

Target

dettare-12.01.2020.doc
Size

91KB
Sample

201203-fx7aaspzms
MD5

6c7c979a07f105324c1f93326948b14a
SHA1

77650a84c2a568c854350cd0b61406f115f26c26
SHA256

9f672ebe0fc031e49ca0cec79553f8291ca44fb150adb6346c8fb7f78ef674fa
SHA512

0f5c8cca38957d72ce2175d7eeabc56e193b6d2740ff550e6e305f4ee3751afc7fde9399ec7564737d4d31de415cf364af1786eba9978bd8c2a870f23aa89319

Score

10^/10

gozi_ifsb banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

dettare-12.01.2020.doc

Resource

win7v20201028

gozi_ifsb banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

dettare-12.01.2020.doc

Resource

win10v20201028

gozi_ifsb banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  dettare-12.01.2020.doc
- Size
  
  91KB
- MD5
  
  6c7c979a07f105324c1f93326948b14a
- SHA1
  
  77650a84c2a568c854350cd0b61406f115f26c26
- SHA256
  
  9f672ebe0fc031e49ca0cec79553f8291ca44fb150adb6346c8fb7f78ef674fa
- SHA512
  
  0f5c8cca38957d72ce2175d7eeabc56e193b6d2740ff550e6e305f4ee3751afc7fde9399ec7564737d4d31de415cf364af1786eba9978bd8c2a870f23aa89319
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2

gozi_ifsbbankertrojan

© 2018-2024

Terms | Privacy