gozi_ifsb | 15a7c3abd4f124afbf01c289a1604826ef5cec3646ef0a7db57cba8154bbc225 | Triage

Sharing

General

Target

2013911086eeba13ee90a57d81a27fabdab52e9896f0ec55e7b9aec0528c57b7_unpacked
Size

157KB
Sample

221026-3w5mjaaahq
MD5

1ed3800b65c1be3e6f22f4b9c26007a8
SHA1

3cad6efd700630671aa93bcca6b448b067f0be23
SHA256

15a7c3abd4f124afbf01c289a1604826ef5cec3646ef0a7db57cba8154bbc225
SHA512

2a5cd6b58e53385044119e45ba517074f6f7fa03e2cb2611c97550daf078a7ac7b0d3617153043888db0166bb3a66ce9e601e3d619297874ac4a02944497fd8a
SSDEEP

3072:8Gs0Ma2hadNwxuGzYpjG7zqlalXn8Zt4qPiLiNmQiqSD8JGGzX5KlKV15uZ:8GFMawdxuGzYpEqlalMAqPitQCDM/XNg

Score

10^/10

gozi_ifsb banker trojan

Malware Config

Extracted

Family

gozi_ifsb

Attributes

build
214896

Targets

- Target
  
  2013911086eeba13ee90a57d81a27fabdab52e9896f0ec55e7b9aec0528c57b7_unpacked
- Size
  
  157KB
- MD5
  
  1ed3800b65c1be3e6f22f4b9c26007a8
- SHA1
  
  3cad6efd700630671aa93bcca6b448b067f0be23
- SHA256
  
  15a7c3abd4f124afbf01c289a1604826ef5cec3646ef0a7db57cba8154bbc225
- SHA512
  
  2a5cd6b58e53385044119e45ba517074f6f7fa03e2cb2611c97550daf078a7ac7b0d3617153043888db0166bb3a66ce9e601e3d619297874ac4a02944497fd8a
- SSDEEP
  
  3072:8Gs0Ma2hadNwxuGzYpjG7zqlalXn8Zt4qPiLiNmQiqSD8JGGzX5KlKV15uZ:8GFMawdxuGzYpEqlalMAqPitQCDM/XNg
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2

gozi_ifsbbankertrojan