gozi_ifsb | 3fd65bd55e4dadbf079c6a533941135b0ddf217dea16eec6ebc33f2098ea6276 | Triage

Submit
Reports

Overview

overview

Static

static

3fd65bd55e...76.exe

windows7_x64

3fd65bd55e...76.exe

windows10-2004_x64

Sharing

General

Target

3fd65bd55e4dadbf079c6a533941135b0ddf217dea16eec6ebc33f2098ea6276
Size

720KB
Sample

220630-xcrnnsgdcr
MD5

5b882d515e43454b747846b57bbecd80
SHA1

982d7e6b734aed22471513907f49306b6a75a4c4
SHA256

3fd65bd55e4dadbf079c6a533941135b0ddf217dea16eec6ebc33f2098ea6276
SHA512

761fcc0a7d88e52a62d87a86a02dd66f2a01563589425146bcd6eaef1af823561df34dbf098356f5fc2eef2dc36d3e0f8bf8e8674114d994284b32048562a004

Score

10^/10

gozi_ifsb banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

3fd65bd55e4dadbf079c6a533941135b0ddf217dea16eec6ebc33f2098ea6276.exe

Resource

win7-20220414-en

gozi_ifsb banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3fd65bd55e4dadbf079c6a533941135b0ddf217dea16eec6ebc33f2098ea6276.exe

Resource

win10v2004-20220414-en

gozi_ifsb banker trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3fd65bd55e4dadbf079c6a533941135b0ddf217dea16eec6ebc33f2098ea6276
- Size
  
  720KB
- MD5
  
  5b882d515e43454b747846b57bbecd80
- SHA1
  
  982d7e6b734aed22471513907f49306b6a75a4c4
- SHA256
  
  3fd65bd55e4dadbf079c6a533941135b0ddf217dea16eec6ebc33f2098ea6276
- SHA512
  
  761fcc0a7d88e52a62d87a86a02dd66f2a01563589425146bcd6eaef1af823561df34dbf098356f5fc2eef2dc36d3e0f8bf8e8674114d994284b32048562a004
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2

gozi_ifsbbankertrojan

© 2018-2024

Terms | Privacy