gozi_ifsb | dddf5829a3bdcb2b6562eb194a138f8de5da26eb5dda0bbfacbbf1124ad51ec6 | Triage

Submit
Reports

Overview

overview

Static

static

8

DSC_Canon_...ip.exe

windows7_x64

DSC_Canon_...ip.exe

windows10_x64

Sharing

General

Target

DSC_Canon_23.12.2020.zip.exe
Size

255KB
Sample

201224-1dx5xd4y2s
MD5

1900f3bd2b1848b0f4b1a0495f11d84e
SHA1

38de4f6bbd82ee58259d39db4cbb14c505837b88
SHA256

dddf5829a3bdcb2b6562eb194a138f8de5da26eb5dda0bbfacbbf1124ad51ec6
SHA512

d16dbd03da41abc45247f9c7c00a1d363e13949c0203077806996d17982788207318ffd7c5e5a835cb3eddfff556843a34baef93c8547e4001cc2fc017e3b60a

Score

10^/10

gozi_ifsb banker trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

DSC_Canon_23.12.2020.zip.exe

Resource

win7v20201028

gozi_ifsb banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

DSC_Canon_23.12.2020.zip.exe

Resource

win10v20201028

gozi_ifsb banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  DSC_Canon_23.12.2020.zip.exe
- Size
  
  255KB
- MD5
  
  1900f3bd2b1848b0f4b1a0495f11d84e
- SHA1
  
  38de4f6bbd82ee58259d39db4cbb14c505837b88
- SHA256
  
  dddf5829a3bdcb2b6562eb194a138f8de5da26eb5dda0bbfacbbf1124ad51ec6
- SHA512
  
  d16dbd03da41abc45247f9c7c00a1d363e13949c0203077806996d17982788207318ffd7c5e5a835cb3eddfff556843a34baef93c8547e4001cc2fc017e3b60a
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2

gozi_ifsbbankertrojan

© 2018-2024

Terms | Privacy