gozi | 792c75c1c6961715c07b3229294667bd993a365f7ad083ba435bd4cf18fe2f28 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23417ad8e248597af107e67ee205b14a_JaffaCakes118
Size

148KB
Sample

240508-felf1abe4w
MD5

23417ad8e248597af107e67ee205b14a
SHA1

e051b2828d7db59651f11090ccca976e045d5f17
SHA256

792c75c1c6961715c07b3229294667bd993a365f7ad083ba435bd4cf18fe2f28
SHA512

48b5a0d74b96df6e36384a187c4fd11db5040e79541c8f0798e6e58982886157d4015c179783ed3d80ac60d6caaef58e54e27d6bd13eb872063de45d09615397
SSDEEP

3072:cdn7LE96Ujzx8265D0ddddp+1/ThaBCIb:4n7LqBPy20W0Ib

Score

10^/10

gozi banker isfb trojan

Malware Config

Extracted

Family

gozi

Attributes

build
217038

Targets

- Target
  
  23417ad8e248597af107e67ee205b14a_JaffaCakes118
- Size
  
  148KB
- MD5
  
  23417ad8e248597af107e67ee205b14a
- SHA1
  
  e051b2828d7db59651f11090ccca976e045d5f17
- SHA256
  
  792c75c1c6961715c07b3229294667bd993a365f7ad083ba435bd4cf18fe2f28
- SHA512
  
  48b5a0d74b96df6e36384a187c4fd11db5040e79541c8f0798e6e58982886157d4015c179783ed3d80ac60d6caaef58e54e27d6bd13eb872063de45d09615397
- SSDEEP
  
  3072:cdn7LE96Ujzx8265D0ddddp+1/ThaBCIb:4n7LqBPy20W0Ib
Score

10^/10

gozi banker isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozibankerisfbtrojan

behavioral2

gozibankerisfbtrojan