gozi_ifsb | 466281284c21f14e72173ebc3d11e7c577bd4fcdf71fdeb0a82f87f566019092 | Triage

Sharing

General

Target

4b373042809dbc09043c9aa5d2ac7570b91327fc47c8caef918c72ba786f33b4_unpacked
Size

281KB
Sample

221027-aegvxsabdr
MD5

e1bd43809540a6e8e4f0fe0a25967ec8
SHA1

ff8fa94257287ce61f0d0bd506d6f3e24c4051bf
SHA256

466281284c21f14e72173ebc3d11e7c577bd4fcdf71fdeb0a82f87f566019092
SHA512

b78ac0cd7e69c1d7df73cceb0feb7d2f4298fa8ff2c0be5ea7520e8fb43156f30a73e43640524c3dd42c6cf4a391f24bc116b198be17a95cdb650294dcde8242
SSDEEP

6144:nR3xMuDPZlxVMqlalkZWsu3dbEOdYfB1yYgaoObkC7SnIAzP4rMX:J3DMqglko1pBYmYacp7SnIQ1X

Score

10^/10

gozi_ifsb banker trojan

Malware Config

Extracted

Family

gozi_ifsb

Attributes

build
216887

Targets

- Target
  
  4b373042809dbc09043c9aa5d2ac7570b91327fc47c8caef918c72ba786f33b4_unpacked
- Size
  
  281KB
- MD5
  
  e1bd43809540a6e8e4f0fe0a25967ec8
- SHA1
  
  ff8fa94257287ce61f0d0bd506d6f3e24c4051bf
- SHA256
  
  466281284c21f14e72173ebc3d11e7c577bd4fcdf71fdeb0a82f87f566019092
- SHA512
  
  b78ac0cd7e69c1d7df73cceb0feb7d2f4298fa8ff2c0be5ea7520e8fb43156f30a73e43640524c3dd42c6cf4a391f24bc116b198be17a95cdb650294dcde8242
- SSDEEP
  
  6144:nR3xMuDPZlxVMqlalkZWsu3dbEOdYfB1yYgaoObkC7SnIAzP4rMX:J3DMqglko1pBYmYacp7SnIQ1X
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2

gozi_ifsbbankertrojan