General

  • Target

    328dbbe6ae6d71b8f15f5d435542fc0a7249cc190d698dfdc9861106072bf954

  • Size

    5.0MB

  • Sample

    220215-rtht7shbek

  • MD5

    7dc7fc608762fac8459ca885b63d5886

  • SHA1

    b1b1638aff35f0b55cb660bef2784907d879bc60

  • SHA256

    328dbbe6ae6d71b8f15f5d435542fc0a7249cc190d698dfdc9861106072bf954

  • SHA512

    059ac7a84588f4ca137579278321b90abbc00130aeaaa3d87055a131886d79f10fb23f4a57fb7a838e926eb1fdc09c414eaf0951fd8a5c9b0af608abfef48da7

Malware Config

Targets

    • Gozi, Gozi ISFB

      Gozi ISFB is a well-known and widely distributed banking trojan.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

MITRE ATT&CK Enterprise v6

Tasks