Overview

overview

10

Static

static

3

69a92665b4...18.exe

windows7-x64

10

69a92665b4...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    69a92665b40a70d2bcf20e5ef96ba3f1_JaffaCakes118

  • Size

    271KB

  • Sample

    240523-ej2s4sdc73

  • MD5

    69a92665b40a70d2bcf20e5ef96ba3f1

  • SHA1

    9f9f20fa584009fc1df4512c458199a2a3152410

  • SHA256

    bdce83707270c4e03796567f9f36ccbae93171ea9dbff717371a03262dd3acb7

  • SHA512

    63d456eae1ef0f320a61b7d32be0cc5a6871e2d5a54a3c183d5139e0779949e257400d95c0d699d1a5913a601f50f955bc979ba2fce3359e796d8a4e037e163f

  • SSDEEP

    6144:qF7LzLyKx+sTdtsREULw0ddDp3Rr1/gQpEmdC:s7LKKx+s+LwGdl/t

Score
10/10
gozibankerisfbtrojan

Malware Config

Extracted

Family

gozi

Attributes
  • build

    217049

Targets

    • Target

      69a92665b40a70d2bcf20e5ef96ba3f1_JaffaCakes118

    • Size

      271KB

    • MD5

      69a92665b40a70d2bcf20e5ef96ba3f1

    • SHA1

      9f9f20fa584009fc1df4512c458199a2a3152410

    • SHA256

      bdce83707270c4e03796567f9f36ccbae93171ea9dbff717371a03262dd3acb7

    • SHA512

      63d456eae1ef0f320a61b7d32be0cc5a6871e2d5a54a3c183d5139e0779949e257400d95c0d699d1a5913a601f50f955bc979ba2fce3359e796d8a4e037e163f

    • SSDEEP

      6144:qF7LzLyKx+sTdtsREULw0ddDp3Rr1/gQpEmdC:s7LKKx+s+LwGdl/t

    Score
    10/10
    gozibankerisfbtrojan

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

      bankertrojangozi

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks