gozi | e16f8544a45ead1c7ac858eef7f47c0db1f0ea2ef4e5427fddfc3fc6d16669cc | Triage

Sharing

General

Target

e16f8544a45ead1c7ac858eef7f47c0db1f0ea2ef4e5427fddfc3fc6d16669cc
Size

364KB
Sample

240730-dt8tqsyale
MD5

5e2bce38ef079a291e9d938ba9a92979
SHA1

52bcad6f522101159c871c10ce64f3af24d71025
SHA256

e16f8544a45ead1c7ac858eef7f47c0db1f0ea2ef4e5427fddfc3fc6d16669cc
SHA512

deca12b99013178496d62683f6ead6fcbb5c914e09dc49c3ee2a80b9c6e45496041959ac8d80d2d816bbfa3b5fe4529d7c7bdd20790468e441d9407ce9cde5a9
SSDEEP

1536:g1zXF8CvrJ4PBhDP35l6hLlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:g1h8k6DP3H6hLltOrWKDBr+yJb

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  e16f8544a45ead1c7ac858eef7f47c0db1f0ea2ef4e5427fddfc3fc6d16669cc
- Size
  
  364KB
- MD5
  
  5e2bce38ef079a291e9d938ba9a92979
- SHA1
  
  52bcad6f522101159c871c10ce64f3af24d71025
- SHA256
  
  e16f8544a45ead1c7ac858eef7f47c0db1f0ea2ef4e5427fddfc3fc6d16669cc
- SHA512
  
  deca12b99013178496d62683f6ead6fcbb5c914e09dc49c3ee2a80b9c6e45496041959ac8d80d2d816bbfa3b5fe4529d7c7bdd20790468e441d9407ce9cde5a9
- SSDEEP
  
  1536:g1zXF8CvrJ4PBhDP35l6hLlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:g1h8k6DP3H6hLltOrWKDBr+yJb
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

gozibankerdiscoveryisfbtrojan