gozi_ifsb | 89c0ff2a9bcbc1e2f6054bfbc9f9325e3b02ee2547ed71fc5803d1889f0f642b | Triage

Sharing

General

Target

xspcd9.dll
Size

465KB
Sample

201203-mjgyndf3n2
MD5

cec2f415c965ccca17864db799728b23
SHA1

134b6e9b6fce06dc85b0123c6441c365ad7a93f0
SHA256

89c0ff2a9bcbc1e2f6054bfbc9f9325e3b02ee2547ed71fc5803d1889f0f642b
SHA512

f1f1e3cf1db7819b821725ffc3ba867c894ba87c395a0623657f8e561ca6f89144851c5404c510617eb4dc2b6ffdbf33739cd8fa8fc935c558120051c8a411fa

Score

10^/10

gozi_ifsb banker trojan

Malware Config

Targets

- Target
  
  xspcd9.dll
- Size
  
  465KB
- MD5
  
  cec2f415c965ccca17864db799728b23
- SHA1
  
  134b6e9b6fce06dc85b0123c6441c365ad7a93f0
- SHA256
  
  89c0ff2a9bcbc1e2f6054bfbc9f9325e3b02ee2547ed71fc5803d1889f0f642b
- SHA512
  
  f1f1e3cf1db7819b821725ffc3ba867c894ba87c395a0623657f8e561ca6f89144851c5404c510617eb4dc2b6ffdbf33739cd8fa8fc935c558120051c8a411fa
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

gozi_ifsbbankertrojan