gozi_ifsb | f3c0cb53a4e88d97445b3276cea4e101b60535535ec6e620185f6d43e6604816 | Triage

Sharing

General

Target

4b373042809dbc09043c9aa5d2ac7570b91327fc47c8caef918c72ba786f33b4_unpacked_x64
Size

359KB
Sample

221027-aehgfsabek
MD5

012cfbbe670e099085223c89e86b771a
SHA1

889a7c1366eea7dbcfb0df549822b0948333936d
SHA256

f3c0cb53a4e88d97445b3276cea4e101b60535535ec6e620185f6d43e6604816
SHA512

8466aafa9bb52423e50c28e79a04908c5193afcebd2248b0c20ad21e3bdc301386b912a9538c44f4e62dbf57201347c921b99182aca02a05d01e10b083bfd445
SSDEEP

6144:Ac+0IiFwDDl+sMy2iW8REaezFLRlABdCK/stVhfNykn529o8ynqTkAP/fC:AX0IKwDDl7My9RE3zDlABdC5VJp29o81

Score

10^/10

gozi_ifsb banker trojan

Malware Config

Extracted

Family

gozi_ifsb

Attributes

build
216887

Targets

- Target
  
  4b373042809dbc09043c9aa5d2ac7570b91327fc47c8caef918c72ba786f33b4_unpacked_x64
- Size
  
  359KB
- MD5
  
  012cfbbe670e099085223c89e86b771a
- SHA1
  
  889a7c1366eea7dbcfb0df549822b0948333936d
- SHA256
  
  f3c0cb53a4e88d97445b3276cea4e101b60535535ec6e620185f6d43e6604816
- SHA512
  
  8466aafa9bb52423e50c28e79a04908c5193afcebd2248b0c20ad21e3bdc301386b912a9538c44f4e62dbf57201347c921b99182aca02a05d01e10b083bfd445
- SSDEEP
  
  6144:Ac+0IiFwDDl+sMy2iW8REaezFLRlABdCK/stVhfNykn529o8ynqTkAP/fC:AX0IKwDDl7My9RE3zDlABdC5VJp29o81
Score

10^/10

gozi_ifsb banker trojan
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozi_ifsbbankertrojan

behavioral2

gozi_ifsbbankertrojan