General

  • Target

    d04ce36b2c6a5888bf4c413ed5a1c8d2e16af857957742059e7f4de74d36d854

  • Size

    283KB

  • Sample

    220205-lr2lmsacgl

  • MD5

    e704302809da8bdef8e97ae3a05a4020

  • SHA1

    d017313cf274b1f3b7a337808dfdd1dfe6b28a75

  • SHA256

    d04ce36b2c6a5888bf4c413ed5a1c8d2e16af857957742059e7f4de74d36d854

  • SHA512

    2a8a95d9536b33d6c833c5a0fc0064cf4fff5beaadab5e8d8d33d51fc7a5d98778d606c51788c81a16d837a48fe7a3832222c367a22848514e27eb2d3cd715e9

Malware Config

Extracted

Family

gozi_ifsb

Attributes
  • build

    214131

Targets

    • Gozi, Gozi ISFB

      Gozi ISFB is a well-known and widely distributed banking trojan.

    • suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M1 (_2B)

