gozi_ifsb | 4d36701a7ece574dda56feaca4b70d9ee395ccf6c6522142028120b62324efc8 | Triage

Submit
Reports

Overview

overview

Static

static

ph0t0.jpg.dll

windows7_x64

ph0t0.jpg.dll

windows10_x64

Sharing

General

Target

ph0t0.jpg.dll
Size

160KB
Sample

201216-93flrtgcse
MD5

49fc40f6d58c4f97a38283cd530bf3bb
SHA1

03a0799b99bef6cabb8e4c704cc1dded20ff6590
SHA256

4d36701a7ece574dda56feaca4b70d9ee395ccf6c6522142028120b62324efc8
SHA512

ebba44ce0c524d15a831ac5b02bd23a9eb6635c9e8f51df507dd8fa80035fe833c4935fd6ad2c7f20a8a71f88a728c377f9e93e6d99fa89f698773d7697d675c

Score

10^/10

gozi_ifsb banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

ph0t0.jpg.dll

Resource

win7v20201028

gozi_ifsb banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ph0t0.jpg.dll

Resource

win10v20201028

gozi_ifsb banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ph0t0.jpg.dll
- Size
  
  160KB
- MD5
  
  49fc40f6d58c4f97a38283cd530bf3bb
- SHA1
  
  03a0799b99bef6cabb8e4c704cc1dded20ff6590
- SHA256
  
  4d36701a7ece574dda56feaca4b70d9ee395ccf6c6522142028120b62324efc8
- SHA512
  
  ebba44ce0c524d15a831ac5b02bd23a9eb6635c9e8f51df507dd8fa80035fe833c4935fd6ad2c7f20a8a71f88a728c377f9e93e6d99fa89f698773d7697d675c
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2

gozi_ifsbbankertrojan

© 2018-2024

Terms | Privacy