gozi | b7118f6cd74d92c5fd06cb11931c161d031e6bd0cfe121b91e831bf1d5ca64c7 | Triage

Submit
Reports

Overview

overview

Static

static

7

a1882445b6...c0.exe

windows7-x64

a1882445b6...c0.exe

windows10-2004-x64

7

Sharing

General

Target

a1882445b6e89bf1112354e22f3062c0
Size

2.7MB
Sample

240224-lj4e9sgg4t
MD5

a1882445b6e89bf1112354e22f3062c0
SHA1

1c6cf8a64b32e255ba0616eb61967be0bf55f88f
SHA256

b7118f6cd74d92c5fd06cb11931c161d031e6bd0cfe121b91e831bf1d5ca64c7
SHA512

0562e8d8982bab35f3a5a46e509863622edd4d6dc11715e6c67b29f4bcc28f5ece7a88fde57ba4e851260634060369a43834ef6af3af2b3e8f6fa2139d93e9a0
SSDEEP

49152:C99FYePL9j9qwVoTD0Cn8AzTIPqkqIreD0nn7CZQdI5+SRVUMU3OJR/:C1j/ikC8AH1sewn2+SjLaOJR

Score

10^/10

gozi banker isfb trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

a1882445b6e89bf1112354e22f3062c0.exe

Resource

win7-20240221-en

gozi banker isfb trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

a1882445b6e89bf1112354e22f3062c0.exe

Resource

win10v2004-20240221-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  a1882445b6e89bf1112354e22f3062c0
- Size
  
  2.7MB
- MD5
  
  a1882445b6e89bf1112354e22f3062c0
- SHA1
  
  1c6cf8a64b32e255ba0616eb61967be0bf55f88f
- SHA256
  
  b7118f6cd74d92c5fd06cb11931c161d031e6bd0cfe121b91e831bf1d5ca64c7
- SHA512
  
  0562e8d8982bab35f3a5a46e509863622edd4d6dc11715e6c67b29f4bcc28f5ece7a88fde57ba4e851260634060369a43834ef6af3af2b3e8f6fa2139d93e9a0
- SSDEEP
  
  49152:C99FYePL9j9qwVoTD0Cn8AzTIPqkqIreD0nn7CZQdI5+SRVUMU3OJR/:C1j/ikC8AH1sewn2+SjLaOJR
Score

10^/10

gozi banker isfb trojan upx
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozibankerisfbtrojanupx

behavioral2

© 2018-2024

Terms | Privacy