gozi_ifsb | d8f40489dd76bef65dfdc4c19d4a0b43ef16b635731be228bc62e9273d55b27a | Triage

Submit
Reports

Overview

overview

Static

static

xspcd2.dll

windows7_x64

xspcd2.dll

windows10_x64

Sharing

General

Target

sample-326379-8fbf26a8c30ede8e61083c43cf23c6c5.zip
Size

145KB
Sample

201205-lfmlxg2ncs
MD5

82416e14f0b197938590ef7b1cc53674
SHA1

5b8671b385967f435f5b0a6eadbee8f268d41ff7
SHA256

d8f40489dd76bef65dfdc4c19d4a0b43ef16b635731be228bc62e9273d55b27a
SHA512

f2ab88484dc7dbc30b9e5508b3c1ad95b7de65de156e963850679b7c76ef206ab88893284d061ba4c9f775be9aa6863c18512e618357b190ca078ff6fff81d71

Score

10^/10

gozi_ifsb banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

xspcd2.dll

Resource

win7v20201028

gozi_ifsb banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

xspcd2.dll

Resource

win10v20201028

gozi_ifsb banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  xspcd2.dll
- Size
  
  215KB
- MD5
  
  8fbf26a8c30ede8e61083c43cf23c6c5
- SHA1
  
  f9a88e0f25cabd8b66197540ddeffea835337c9a
- SHA256
  
  d22194b4cf2b034bf60e7dfd51f82abca51c9c337f6035fa60c2d5a9756f0126
- SHA512
  
  82e76593c9dfe1f17fd674be22c569509b49b0ee635756c79395775b6f8c55c7c856ebcb2c872eb17d4783afaf0bac87c538faa6027225eb9eab0424c2a3072e
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2

gozi_ifsbbankertrojan

© 2018-2024

Terms | Privacy