General
-
Target
f0t0s.dll
-
Size
141KB
-
Sample
210121-6fp1qgmj8e
-
MD5
eecfc005c040236b5818d7e8f775ffed
-
SHA1
42bb1cfe2532023f6a099328e7a8f08dcd145231
-
SHA256
cd773a8e18731c4d551faf1dcc8eb050c7eac19c9758a145f91c1dfa79361db8
-
SHA512
ad9e6f52e5e2920369a003c98539c212e9ce839ff211cf3059468ba565fce345277611b893e8c2f546108cb9cd921c20c32ec8da5ce78de298b738f7b2221cf1
Malware Config
Targets
-
-
Target
f0t0s.dll
-
Size
141KB
-
MD5
eecfc005c040236b5818d7e8f775ffed
-
SHA1
42bb1cfe2532023f6a099328e7a8f08dcd145231
-
SHA256
cd773a8e18731c4d551faf1dcc8eb050c7eac19c9758a145f91c1dfa79361db8
-
SHA512
ad9e6f52e5e2920369a003c98539c212e9ce839ff211cf3059468ba565fce345277611b893e8c2f546108cb9cd921c20c32ec8da5ce78de298b738f7b2221cf1
Score10/10-
Gozi, Gozi IFSB
Gozi ISFB is a well-known and widely distributed banking trojan.
-
Enumerates physical storage devices
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-