gozi_ifsb | 7c15e84b317262bc0b881045a322507978ef145d92f2ef3952b5f8b4536a98d8 | Triage

Sharing

General

Target

2.rsp.dat.zip
Size

155KB
Sample

201207-w1np2ppnvx
MD5

620181c64c309a53b53a3b16c47eb557
SHA1

217f1c5ae4a26f4342546b8a8e41082f8d355ef5
SHA256

7c15e84b317262bc0b881045a322507978ef145d92f2ef3952b5f8b4536a98d8
SHA512

bbf295f206a7a7fc682980dd1a687aff4ecbd6024a2cd0e5ad68f2c40e095faa435f891b72f34004a9f36dfd8c1ac8d72fa3a186ffc5ecf1b74e933ab5062316

Score

10^/10

gozi_ifsb banker trojan

Malware Config

Targets

- Target
  
  2.rsp.dat
- Size
  
  249KB
- MD5
  
  8496f33552713183446511bbb2304e22
- SHA1
  
  6ed08afb63e2ba64052e1833fcf00f920f6594bb
- SHA256
  
  691738533c4ee487b0da4a8fa27ea1e9739a3b10a74c11b1b7435eab586d3742
- SHA512
  
  9c96dd893ddbc473b23270340608f32a24178fa0c7b961bb17d4e93d2e4830bb7eb3f793974c4533a593b9a91db4b311fe718ccbd1f2ab0a6950e4efb67de3d0
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2

gozi_ifsbbankertrojan