General

  • Target

    c84ae91054b08d593b81076ef69e148f

  • Size

    3.3MB

  • Sample

    240314-lkm5nsba63

  • MD5

    c84ae91054b08d593b81076ef69e148f

  • SHA1

    9efd8395a569dabf6de080624a09354b99f6eb09

  • SHA256

    e9c3b3d5110a014a41964ef37fb07846cd6f006c813e16ca7cba4d256063b88c

  • SHA512

    776c3d8773b0edd3e56216933df823efcc78f565e6846a74ad05a2dcdd4ef33ad90941399744bc4260c7fdf53c21665ef2d5d270550f77e6d688e6c15777a0ad

  • SSDEEP

    98304:WsMFfxP63qOSvCVFF24d6Yd4S+D845wVmE8G4T2O:WFpP63qOS6FBd4r845wVmE94Tr

Score
10/10

Malware Config

Extracted

Family

gozi

Targets

    • Target

      c84ae91054b08d593b81076ef69e148f

    • Size

      3.3MB

    Score
    10/10
    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
