General
-
Target
03c141047336c966a5bcdc9fbcaff9e5dcd3bdd56513e1faeae780c02dbfcba7
-
Size
468KB
-
Sample
221003-b26m8scdhk
-
MD5
7119ac323831b4c5dbdce6633a55ffc0
-
SHA1
db6d0bd4a416864fc59a05bd31891e850227295a
-
SHA256
03c141047336c966a5bcdc9fbcaff9e5dcd3bdd56513e1faeae780c02dbfcba7
-
SHA512
69aa2d69963fc7b3fa57e1f067707280589abdf3eb778a6900288b4d56f9e517acc49bfb23e87ea43b5ca95abdfd0075ac38c046a5db82b7bc3dfecf1f9f5f87
-
SSDEEP
12288:HtNK/vI0S/xwaWKewTkpHWaWMUq1a1OXnZj8DKOihme:HtUvpS/xwaWrwTkpH2gEwh
Malware Config
Targets
-
-
Target
03c141047336c966a5bcdc9fbcaff9e5dcd3bdd56513e1faeae780c02dbfcba7
-
Size
468KB
-
MD5
7119ac323831b4c5dbdce6633a55ffc0
-
SHA1
db6d0bd4a416864fc59a05bd31891e850227295a
-
SHA256
03c141047336c966a5bcdc9fbcaff9e5dcd3bdd56513e1faeae780c02dbfcba7
-
SHA512
69aa2d69963fc7b3fa57e1f067707280589abdf3eb778a6900288b4d56f9e517acc49bfb23e87ea43b5ca95abdfd0075ac38c046a5db82b7bc3dfecf1f9f5f87
-
SSDEEP
12288:HtNK/vI0S/xwaWKewTkpHWaWMUq1a1OXnZj8DKOihme:HtUvpS/xwaWrwTkpH2gEwh
Score10/10-
Gozi, Gozi IFSB
Gozi ISFB is a well-known and widely distributed banking trojan.
-
Deletes itself
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-