gozi_ifsb | f00e493560742bfb091591f3bd2dac32fa74de72bd9949e6ad7a0e255193e20a | Triage

Sharing

General

Target

f00e493560742bfb091591f3bd2dac32fa74de72bd9949e6ad7a0e255193e20a
Size

581KB
Sample

220205-j3tdashfar
MD5

0e46dbfab22c5844c4a72412ab09b42c
SHA1

3f5e160e703675cb5e95b8e9dbc85ef61ad08386
SHA256

f00e493560742bfb091591f3bd2dac32fa74de72bd9949e6ad7a0e255193e20a
SHA512

40afefb607db78b8d998d34bcb89140f95f681238a0def8e7afed1004059b3ca10e21b7997e9f5c8deee0263ea908b78df86228c167fa3ada60d30dd471983b6

Score

10^/10

gozi_ifsb banker cryptone packer trojan

Malware Config

Extracted

Family

gozi_ifsb

Attributes

build
217108

Targets

- Target
  
  f00e493560742bfb091591f3bd2dac32fa74de72bd9949e6ad7a0e255193e20a
- Size
  
  581KB
- MD5
  
  0e46dbfab22c5844c4a72412ab09b42c
- SHA1
  
  3f5e160e703675cb5e95b8e9dbc85ef61ad08386
- SHA256
  
  f00e493560742bfb091591f3bd2dac32fa74de72bd9949e6ad7a0e255193e20a
- SHA512
  
  40afefb607db78b8d998d34bcb89140f95f681238a0def8e7afed1004059b3ca10e21b7997e9f5c8deee0263ea908b78df86228c167fa3ada60d30dd471983b6
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2