gozi | 9f57488ef928a5964df6961eb884f54fbbfc3168d7c2b656017c012fa2afcccf | Triage

Sharing

General

Target

9d1901a75e7c8e3e15074eee83033333_JaffaCakes118
Size

350KB
Sample

240611-f1e64swbma
MD5

9d1901a75e7c8e3e15074eee83033333
SHA1

81b5dfee0800a8e8f6728638a29920220a295c7d
SHA256

9f57488ef928a5964df6961eb884f54fbbfc3168d7c2b656017c012fa2afcccf
SHA512

c44546c03ae282aff4cf4f8148785df4661c2f990e7f5dcbe9354b9061f0a6b2263b33a531d5155d462d3407ad1abbab7c63b1a6cc2d2b659b15b8ccd2f5eaca
SSDEEP

6144:RukiCIXQRFUPRLLHpsn4kK4JMWmaF0oc:R0vXqFMFHps4kreuz

Score

10^/10

gozi banker isfb trojan

Malware Config

Extracted

Family

gozi

Attributes

build
217039

Targets

- Target
  
  9d1901a75e7c8e3e15074eee83033333_JaffaCakes118
- Size
  
  350KB
- MD5
  
  9d1901a75e7c8e3e15074eee83033333
- SHA1
  
  81b5dfee0800a8e8f6728638a29920220a295c7d
- SHA256
  
  9f57488ef928a5964df6961eb884f54fbbfc3168d7c2b656017c012fa2afcccf
- SHA512
  
  c44546c03ae282aff4cf4f8148785df4661c2f990e7f5dcbe9354b9061f0a6b2263b33a531d5155d462d3407ad1abbab7c63b1a6cc2d2b659b15b8ccd2f5eaca
- SSDEEP
  
  6144:RukiCIXQRFUPRLLHpsn4kK4JMWmaF0oc:R0vXqFMFHps4kreuz
Score

10^/10

gozi banker isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozibankerisfbtrojan

behavioral2

gozibankerisfbtrojan