gozi_ifsb | d8bcf8beebb5ab690b52094df6317f023f62f044e8107508d84d06d4700fe81a | Triage

Sharing

General

Target

759e055bf47a9ce1a7fce3e3276120f3.dll
Size

130KB
Sample

210504-qv5jveg1tj
MD5

759e055bf47a9ce1a7fce3e3276120f3
SHA1

d6de742f6caf13d4a9aa75287d041596fbcea73a
SHA256

d8bcf8beebb5ab690b52094df6317f023f62f044e8107508d84d06d4700fe81a
SHA512

7bba491da19915bc7719063206b8718d061641d12d833979cc27136811b40ec1fa1ab913d3847c7068f90b2a90706bd288cb62342f62c294fc2d140f88fa1b7b

Score

10^/10

gozi_ifsb banker trojan

Malware Config

Extracted

Family

gozi_ifsb

Attributes

build
250187
exe_type
loader

rsa_pubkey.base64

Targets

- Target
  
  759e055bf47a9ce1a7fce3e3276120f3.dll
- Size
  
  130KB
- MD5
  
  759e055bf47a9ce1a7fce3e3276120f3
- SHA1
  
  d6de742f6caf13d4a9aa75287d041596fbcea73a
- SHA256
  
  d8bcf8beebb5ab690b52094df6317f023f62f044e8107508d84d06d4700fe81a
- SHA512
  
  7bba491da19915bc7719063206b8718d061641d12d833979cc27136811b40ec1fa1ab913d3847c7068f90b2a90706bd288cb62342f62c294fc2d140f88fa1b7b
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2

gozi_ifsbbankertrojan