General

  • Target

    a3860a3ec9d70ab45e93698d6806eec7607b1cfe8fbcb00ae12c256216d0e0ea

  • Size

    432KB

  • Sample

    220319-1wyg4safc9

  • MD5

    ac4754b4303720c4693f3fda26a067e3

  • SHA1

    86828a0725586cbaa63c22d6bec177c434efd4ad

  • SHA256

    a3860a3ec9d70ab45e93698d6806eec7607b1cfe8fbcb00ae12c256216d0e0ea

  • SHA512

    3f2c11c20318bd1e6a914b71d6d970553df761972b6c0dfa1f1ddeaa34cbf52ba88cf7919c595443972d79c2b6306892089076af59ca6f30026a66e18a4b2e2c

Score
10/10

Targets

    • Target

      a3860a3ec9d70ab45e93698d6806eec7607b1cfe8fbcb00ae12c256216d0e0ea

    Score
    10/10
    • Gozi, Gozi ISFB

      Gozi ISFB is a well-known and widely distributed banking trojan.

    • Suspicious use of SetThreadContext
