gozi_ifsb | ba7e4f4e60e5307e25ee0e052018e25de9a9dc310a1d58cade18f50c8a407591 | Triage

Sharing

General

Target

ba7e4f4e60e5307e25ee0e052018e25de9a9dc310a1d58cade18f50c8a407591
Size

161KB
Sample

220205-my2qnaafb9
MD5

6015bbeee416d93df03e4f7c3f7c2f96
SHA1

8f26971ca886eec445006442322f656a7f27313a
SHA256

ba7e4f4e60e5307e25ee0e052018e25de9a9dc310a1d58cade18f50c8a407591
SHA512

d70d75452b28d6dbba2d182f1d4b3134d80c4fa952b394a707d8a84a01c6d90fa4f422ea617ead7ea3dfbe4b2ad2a3b53e0752044c0dadfc252bc4f4ff84980b

Score

10^/10

gozi_ifsb banker cryptone packer trojan

Malware Config

Extracted

Family

gozi_ifsb

Attributes

build
217108

Targets

- Target
  
  ba7e4f4e60e5307e25ee0e052018e25de9a9dc310a1d58cade18f50c8a407591
- Size
  
  161KB
- MD5
  
  6015bbeee416d93df03e4f7c3f7c2f96
- SHA1
  
  8f26971ca886eec445006442322f656a7f27313a
- SHA256
  
  ba7e4f4e60e5307e25ee0e052018e25de9a9dc310a1d58cade18f50c8a407591
- SHA512
  
  d70d75452b28d6dbba2d182f1d4b3134d80c4fa952b394a707d8a84a01c6d90fa4f422ea617ead7ea3dfbe4b2ad2a3b53e0752044c0dadfc252bc4f4ff84980b
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2