gozi_ifsb | 00af5f13551c5e20fe29ec3d12dca555a56cd1edcd0a8633373872334de485ae | Triage

Submit
Reports

Overview

overview

Static

static

p1cture3.dll

windows7_x64

p1cture3.dll

windows10_x64

Sharing

General

Target

p1cture3.dll
Size

133KB
Sample

201218-ttjnjge696
MD5

363430ba47c7d69f75e9bc90dbbc1d8c
SHA1

47fe41dd67e0245c1ece8fcd2c10c713823db833
SHA256

00af5f13551c5e20fe29ec3d12dca555a56cd1edcd0a8633373872334de485ae
SHA512

4e081eb20aaaa487e9047f29b12b508d62fd77517652088d86e310d7d55492ecc4fb2033778cc0e9ce863ae00f7a36aeefa52a24e1e520897b53f8206abca785

Score

10^/10

gozi_ifsb banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

p1cture3.dll

Resource

win7v20201028

gozi_ifsb banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

p1cture3.dll

Resource

win10v20201028

gozi_ifsb banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  p1cture3.dll
- Size
  
  133KB
- MD5
  
  363430ba47c7d69f75e9bc90dbbc1d8c
- SHA1
  
  47fe41dd67e0245c1ece8fcd2c10c713823db833
- SHA256
  
  00af5f13551c5e20fe29ec3d12dca555a56cd1edcd0a8633373872334de485ae
- SHA512
  
  4e081eb20aaaa487e9047f29b12b508d62fd77517652088d86e310d7d55492ecc4fb2033778cc0e9ce863ae00f7a36aeefa52a24e1e520897b53f8206abca785
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2

gozi_ifsbbankertrojan

© 2018-2024

Terms | Privacy