gozi | 40ecf9f28eb8c47360ec1237d0c6858970579347f9d4da7a6dbdc1d5c29b15aa | Triage

Submit
Reports

Overview

overview

Static

static

40ecf9f28e...aa.exe

windows7-x64

40ecf9f28e...aa.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

40ecf9f28eb8c47360ec1237d0c6858970579347f9d4da7a6dbdc1d5c29b15aa.exe

Resource

win7-20230220-en

gozi banker isfb trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

40ecf9f28eb8c47360ec1237d0c6858970579347f9d4da7a6dbdc1d5c29b15aa.exe

Resource

win10v2004-20230220-en

gozi banker isfb trojan

windows10-2004-x64

1 signatures

150 seconds

General

Target

40ecf9f28eb8c47360ec1237d0c6858970579347f9d4da7a6dbdc1d5c29b15aa
Size

1.8MB
MD5

91fe7243f16f8904fe1bf510b8d40b9b
SHA1

485312803241a25efc7d19152193df22f485728a
SHA256

40ecf9f28eb8c47360ec1237d0c6858970579347f9d4da7a6dbdc1d5c29b15aa
SHA512

a9da4e01fce01c9918a340768ded5ba1f4ecf3d671c192e6a74f056f6d42fdd07bcbaf07a8acd8cdb2422c415feec9fcf5bd1636ad4846281c181a3e08eee334
SSDEEP

49152:UUtBYIa5jxu0MjUjbmJ7bB+s8KuqGaX0ToIBAUZLY4:UMYIa1xujbqJBAUZL

Score

10^/10

isfb gozi

Malware Config

Extracted

Family

gozi

Signatures

Gozi family
gozi

Files

40ecf9f28eb8c47360ec1237d0c6858970579347f9d4da7a6dbdc1d5c29b15aa
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 588KB - Virtual size: 585KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 992KB - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SUPG
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy