gozi | 5108d339f90dc06dd9745675a198355fe9fb678f7ba99424e6723aa335724192 | Triage

Sharing

General

Target

28bb26de9d69e50f4ed927a66c542a18_JaffaCakes118
Size

331KB
Sample

240509-hbfgpahd33
MD5

28bb26de9d69e50f4ed927a66c542a18
SHA1

1ecec2971f5a017fd9f55c2aa7b40a590f99d447
SHA256

5108d339f90dc06dd9745675a198355fe9fb678f7ba99424e6723aa335724192
SHA512

e8795185577f7ab993b1141b4dc27c4fad80bed1f67641683ea24dff5e51ace50b5ea1efcf12b7cd56eeb477c80e20761714cf43a878bd67b96e051ad670dd91
SSDEEP

6144:O5BiEYtlTO7plr03nmP4DhVZmLGFQR3tldwwUoboEk9/16RkIFMMvsSPoF:OXiE+O7plIXmwDhA2e+lobov/wFk

Score

10^/10

gozi banker isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  1000.exe
- Size
  
  502KB
- MD5
  
  4bc294353a7055ae8c406a07871d0603
- SHA1
  
  439f882a1b6679eec019b7d4bf59a86348d69563
- SHA256
  
  ccb370874be341ea7c0a2d63992ea940731e9348bcfa1e5cff88c1fa49403452
- SHA512
  
  22789df0c9e9c2a5203b0a5d109746a3e89fb5baea8d12890c5c3f2c4d178357768bc0efdf25e0387f08eff627b070b0e986cdfcda09ca9a1c8ac29da6c8c071
- SSDEEP
  
  12288:KeTcZlUFjD9+rNmtPV/iipk3KeDl9FDQYNf3QmmR:KeTcZl0308tND+asQYlA/
Score

10^/10

gozi banker isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozibankerisfbtrojan

behavioral2