gozi | 9f1b5b5cdc5446f249d1a16c81fd4aecc1d9ac4c7c9e8ce286d452376e2feb69 | Triage

Submit
Reports

Overview

overview

Static

static

7

a5681e74c6...ed.exe

windows7-x64

a5681e74c6...ed.exe

windows10-2004-x64

7

Sharing

General

Target

a5681e74c6746db55e759d64114815ed
Size

5.8MB
Sample

240226-ewlbwsdb2s
MD5

a5681e74c6746db55e759d64114815ed
SHA1

befe608f249a1e5fb494e07d4ddcdffa5cb159f8
SHA256

9f1b5b5cdc5446f249d1a16c81fd4aecc1d9ac4c7c9e8ce286d452376e2feb69
SHA512

59f400f5d1dbee04710714274873dbf2d9cc2ac1ca3380381ef3ba4ccc8e07dfb66b3595d85011808d39d443273ea1b0c9f9b7f72dc2c0328c7285fe00c61111
SSDEEP

98304:WN06zlJuHau42c1joCjMPkNwk6K3l/fBbbM3MLXn6XHau42c1joCjMPkNwk6:Wblqauq1jI86ADnx0auq1jI86

Score

10^/10

gozi banker isfb trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

a5681e74c6746db55e759d64114815ed.exe

Resource

win7-20240221-en

gozi banker isfb trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

a5681e74c6746db55e759d64114815ed.exe

Resource

win10v2004-20240221-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  a5681e74c6746db55e759d64114815ed
- Size
  
  5.8MB
- MD5
  
  a5681e74c6746db55e759d64114815ed
- SHA1
  
  befe608f249a1e5fb494e07d4ddcdffa5cb159f8
- SHA256
  
  9f1b5b5cdc5446f249d1a16c81fd4aecc1d9ac4c7c9e8ce286d452376e2feb69
- SHA512
  
  59f400f5d1dbee04710714274873dbf2d9cc2ac1ca3380381ef3ba4ccc8e07dfb66b3595d85011808d39d443273ea1b0c9f9b7f72dc2c0328c7285fe00c61111
- SSDEEP
  
  98304:WN06zlJuHau42c1joCjMPkNwk6K3l/fBbbM3MLXn6XHau42c1joCjMPkNwk6:Wblqauq1jI86ADnx0auq1jI86
Score

10^/10

gozi banker isfb trojan upx
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozibankerisfbtrojanupx

behavioral2

© 2018-2024

Terms | Privacy