gozi | 44b0136cc9ccf91d8054ac0e835a361308a7e6e582ace7cff0406c1604bc48ef | Triage

Sharing

General

Target

585d79406597e07cee521ab716d3737c_JaffaCakes118
Size

350KB
Sample

240519-d6jqdagf98
MD5

585d79406597e07cee521ab716d3737c
SHA1

1358bd35ca56bd413233d4f207a1d6b0384f233a
SHA256

44b0136cc9ccf91d8054ac0e835a361308a7e6e582ace7cff0406c1604bc48ef
SHA512

91192cf18bc490d40716d4b831318d440947caa5e350bb4d77d3daa953217a4c8ec0f3cf15e329a4830ffaf5d69cdb9f8c9339fd1b8001af4eae22435b9f5a27
SSDEEP

6144:RukiCIXQRFUPRLLHpsn4k24JMWmaF0oc:R0vXqFMFHps4k3euz

Score

10^/10

gozi banker isfb trojan

Malware Config

Extracted

Family

gozi

Attributes

build
217039

Targets

- Target
  
  585d79406597e07cee521ab716d3737c_JaffaCakes118
- Size
  
  350KB
- MD5
  
  585d79406597e07cee521ab716d3737c
- SHA1
  
  1358bd35ca56bd413233d4f207a1d6b0384f233a
- SHA256
  
  44b0136cc9ccf91d8054ac0e835a361308a7e6e582ace7cff0406c1604bc48ef
- SHA512
  
  91192cf18bc490d40716d4b831318d440947caa5e350bb4d77d3daa953217a4c8ec0f3cf15e329a4830ffaf5d69cdb9f8c9339fd1b8001af4eae22435b9f5a27
- SSDEEP
  
  6144:RukiCIXQRFUPRLLHpsn4k24JMWmaF0oc:R0vXqFMFHps4k3euz
Score

10^/10

gozi banker isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozibankerisfbtrojan

behavioral2

gozibankerisfbtrojan