gozi_ifsb | 5feeee23ecd310ed552b56c1992d5e7f6dbf4e656224a9f3073b83770768e994 | Triage

Submit
Reports

Overview

overview

Static

static

8

5feeee23ec...le.exe

windows10_x64

Sharing

General

Target

5feeee23ecd310ed552b56c1992d5e7f6dbf4e656224a9f3073b83770768e994.bin.sample
Size

505KB
Sample

211022-k19g6sbde5
MD5

4d5abd974d213339274581a49e9c2780
SHA1

84d211bdd139ac61f760a3d396c7e19680163313
SHA256

5feeee23ecd310ed552b56c1992d5e7f6dbf4e656224a9f3073b83770768e994
SHA512

0d3daa629fc8161028358b4a496eac4427f2cc9f30999b1a02e89d7a7104ded24e33687c31f7cc2d6b1c5e89e14689b7a265d3b1b4e581a91f03047a52045dcd

Score

10^/10

gozi_ifsb banker trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

5feeee23ecd310ed552b56c1992d5e7f6dbf4e656224a9f3073b83770768e994.bin.sample.exe

Resource

win10-en-20210920

gozi_ifsb banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  5feeee23ecd310ed552b56c1992d5e7f6dbf4e656224a9f3073b83770768e994.bin.sample
- Size
  
  505KB
- MD5
  
  4d5abd974d213339274581a49e9c2780
- SHA1
  
  84d211bdd139ac61f760a3d396c7e19680163313
- SHA256
  
  5feeee23ecd310ed552b56c1992d5e7f6dbf4e656224a9f3073b83770768e994
- SHA512
  
  0d3daa629fc8161028358b4a496eac4427f2cc9f30999b1a02e89d7a7104ded24e33687c31f7cc2d6b1c5e89e14689b7a265d3b1b4e581a91f03047a52045dcd
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

© 2018-2024

Terms | Privacy