gozi_rm3 | 461f8dba6d54344d8f3414d0a2ee03bf12efbf8538d7e781e7c76860d0af52cd | Triage

Sharing

General

Target

436.exe
Size

177KB
Sample

210712-qjjaft3rna
MD5

436e58129cb75672cbf4ef00ad4a2975
SHA1

1b96da3482ef6a1d9f0b67d7b0e58904aa3f86b2
SHA256

461f8dba6d54344d8f3414d0a2ee03bf12efbf8538d7e781e7c76860d0af52cd
SHA512

b77712dbbaba7383ec57d975b7dd8662da2b2242811f29beedca9ed5c70a3314621acb998599bdacf42fe8fc3472e499ec3654baf0a3b1a39220f998b9b38462

Score

10^/10

gozi_rm3 banker trojan

Malware Config

Extracted

Family

gozi_rm3

rsa_pubkey.base64

Targets

- Target
  
  436.exe
- Size
  
  177KB
- MD5
  
  436e58129cb75672cbf4ef00ad4a2975
- SHA1
  
  1b96da3482ef6a1d9f0b67d7b0e58904aa3f86b2
- SHA256
  
  461f8dba6d54344d8f3414d0a2ee03bf12efbf8538d7e781e7c76860d0af52cd
- SHA512
  
  b77712dbbaba7383ec57d975b7dd8662da2b2242811f29beedca9ed5c70a3314621acb998599bdacf42fe8fc3472e499ec3654baf0a3b1a39220f998b9b38462
Score

10^/10

gozi_rm3 banker trojan
- Gozi RM3
  A heavily modified version of Gozi using RM3 loader.
  banker trojan gozi_rm3
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozi_rm3bankertrojan

behavioral2

gozi_rm3bankertrojan