gozi | f3e928ac70ae99f1a796134b7aa6bf9c47a846a26f5a0c009781d28dc5601258 | Triage

Sharing

General

Target

2dfe2482ca41ced304ade3772709727c_JaffaCakes118
Size

218KB
Sample

240510-h6zh2saa6w
MD5

2dfe2482ca41ced304ade3772709727c
SHA1

d0fbcb14dac18e8f01ad770b2fa22466adfb1499
SHA256

f3e928ac70ae99f1a796134b7aa6bf9c47a846a26f5a0c009781d28dc5601258
SHA512

3ed9e14668cfd4c0a05d0805daa88a8c5d453232d6bbb6817075f89afc8a06d93c5f210baa4e0d7fac04627fceb8c596265835544fffbe8256fa66898c217517
SSDEEP

3072:JQx0fsIgpjDlUp8c755aRoM8em/c0cq7X6nGI/8Nvg:O2svpjZzc950oM8xl6Gh

Score

10^/10

gozi banker isfb trojan

Malware Config

Extracted

Family

gozi

Attributes

build
217030

Targets

- Target
  
  2dfe2482ca41ced304ade3772709727c_JaffaCakes118
- Size
  
  218KB
- MD5
  
  2dfe2482ca41ced304ade3772709727c
- SHA1
  
  d0fbcb14dac18e8f01ad770b2fa22466adfb1499
- SHA256
  
  f3e928ac70ae99f1a796134b7aa6bf9c47a846a26f5a0c009781d28dc5601258
- SHA512
  
  3ed9e14668cfd4c0a05d0805daa88a8c5d453232d6bbb6817075f89afc8a06d93c5f210baa4e0d7fac04627fceb8c596265835544fffbe8256fa66898c217517
- SSDEEP
  
  3072:JQx0fsIgpjDlUp8c755aRoM8em/c0cq7X6nGI/8Nvg:O2svpjZzc950oM8xl6Gh
Score

10^/10

gozi banker isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozibankerisfbtrojan

behavioral2