General

  • Target

    1eb5c28ef0398fedab29a0e2a05ac0e45e29d0ca80ca9b580080f1a0e2995882

  • Size

    3.2MB

  • Sample

    240801-m2tt8a1gmh

  • MD5

    a10e8bec1bf9ddf76a005001844b89e8

  • SHA1

    74f6f4c8fbd3ae6173881c6b021c58febc0fbb34

  • SHA256

    1eb5c28ef0398fedab29a0e2a05ac0e45e29d0ca80ca9b580080f1a0e2995882

  • SHA512

    bde329f3af8a8c80a1621b8039a5048dffa3decbaedbeae50754860480f26110c9db0f6fc83a2753aef48e246d675a3e60e11ff00eb40d622d2195adae8dedd8

  • SSDEEP

    49152:Ula/7S6YBrfeBp+wLrh+QJQOBe2p6WCjZ0q:OreBpHh+QJQOBZ0L

Malware Config

Extracted

Family

gozi

Targets

    • Target

      1eb5c28ef0398fedab29a0e2a05ac0e45e29d0ca80ca9b580080f1a0e2995882

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

Tasks