General

  • Target

    c82837e652674a28cdaa47332b97a476

  • Size

    528KB

  • Sample

    240314-kb2q2aha69

  • MD5

    c82837e652674a28cdaa47332b97a476

  • SHA1

    57a413cc22af695db6446007ea91a62c1e379c2c

  • SHA256

    3b626c13064d715850f0fdbbf3979871b8fe7ec97b89ee9b134deb19529995b7

  • SHA512

    9b93ccc84066d49044fc000ba4cc523a1bdd759a32f58bf0eed5fbf82c49d47c4a749f80ec51e2f7153a67196c909af419ba85bba84a0d1277df5cc3ef7be75e

  • SSDEEP

    12288:0vFm7XHEEqDxs776c7MfvyWFJQixSKJaYbSsb:0vU70E0s7Wc7WqWXWKTSsb

Score
10/10

Malware Config

Extracted

Family

gozi

Targets

    • Target

      c82837e652674a28cdaa47332b97a476

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Suspicious use of SetThreadContext
