gozi_ifsb | 83dcc311540f19447378f60f85632b582b87c2ebc418d7fd1089230de201c408 | Triage

Sharing

General

Target

07658c673d6fef7c467c279eaacb5387b991cbdf82f0b5695a8d9117102db3fb_unpacked_x64
Size

373KB
Sample

221026-3w1nksaag9
MD5

11f5141faed4c8994321675b4058b02d
SHA1

bd80bc130969148288c784b8e42e623baf189686
SHA256

83dcc311540f19447378f60f85632b582b87c2ebc418d7fd1089230de201c408
SHA512

83ef17f10a014f6935e791e93672e46880615217c1b95ab1733bd00f26d7affcb9000c321d7061e187435a77f1cf73c530d98327b8e7f0a77912fd003ecb3b51
SSDEEP

6144:gEYeRMfxZX6++fT2tGtTvC9qV0Lf7O6IXo1isLOHYr5bH/:gEnMfxZX6+8SWTvCoQjGoQsCHYrZ

Score

10^/10

gozi_ifsb banker trojan

Malware Config

Extracted

Family

gozi_ifsb

Attributes

build
216861

Targets

- Target
  
  07658c673d6fef7c467c279eaacb5387b991cbdf82f0b5695a8d9117102db3fb_unpacked_x64
- Size
  
  373KB
- MD5
  
  11f5141faed4c8994321675b4058b02d
- SHA1
  
  bd80bc130969148288c784b8e42e623baf189686
- SHA256
  
  83dcc311540f19447378f60f85632b582b87c2ebc418d7fd1089230de201c408
- SHA512
  
  83ef17f10a014f6935e791e93672e46880615217c1b95ab1733bd00f26d7affcb9000c321d7061e187435a77f1cf73c530d98327b8e7f0a77912fd003ecb3b51
- SSDEEP
  
  6144:gEYeRMfxZX6++fT2tGtTvC9qV0Lf7O6IXo1isLOHYr5bH/:gEnMfxZX6+8SWTvCoQjGoQsCHYrZ
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2