Overview

overview

10

Static

static

ismvxl.woc.dll

windows7_x64

10

ismvxl.woc.dll

windows10_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ismvxl.woc

  • Size

    419KB

  • Sample

    210419-cg9xqp5hz2

  • MD5

    5a52b1494c7929a2ef4d2e6d485358e8

  • SHA1

    a78dbd06aef4815e272f476695989706a5432e8d

  • SHA256

    e4fdba0b24b4184ddafe6add29b6d3415e26422e3752a81d049cb888791aabf3

  • SHA512

    d9d76e7ef16394af4576f187cab4fc5e6653c62c4bb092a76a4c0cc4d9209f31b13eeed3533d5e13c969bc7cc7fcd436867cca345fd3677f953f488a91b0eb25

Score
10/10
gozi_rm3bankertrojan

Malware Config

Targets

    • Target

      ismvxl.woc

    • Size

      419KB

    • MD5

      5a52b1494c7929a2ef4d2e6d485358e8

    • SHA1

      a78dbd06aef4815e272f476695989706a5432e8d

    • SHA256

      e4fdba0b24b4184ddafe6add29b6d3415e26422e3752a81d049cb888791aabf3

    • SHA512

      d9d76e7ef16394af4576f187cab4fc5e6653c62c4bb092a76a4c0cc4d9209f31b13eeed3533d5e13c969bc7cc7fcd436867cca345fd3677f953f488a91b0eb25

    Score
    10/10
    gozi_rm3bankertrojan

    • Gozi RM3

      A heavily modified version of Gozi using RM3 loader.

      bankertrojangozi_rm3

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks