gozi | 63e3b6850d448035b6c9a1d73f9682aced2a855f92bd6d22c83ba9d7ec1544c0 | Triage

Sharing

General

Target

a3ce5f871cc8d68100f16fe1ce133b899e220984a853e74f333ed07bd94eb4fc.zip
Size

455KB
Sample

240802-gl3jjatgrd
MD5

6eba6597481588ed427806dc26dfa31f
SHA1

ba201fad3997d76911024cf38c5059002d73a6e4
SHA256

63e3b6850d448035b6c9a1d73f9682aced2a855f92bd6d22c83ba9d7ec1544c0
SHA512

46f04f159d8585c504f940b797b49cc51237d807ee20a6a8da77c086439b239e932a9f6f8ddcc2c9314c055e1c254e50fe6d0a50eb342c1aebca363acf2edf41
SSDEEP

12288:66VMSZQpt/vFz30+9WkFGbPhOrK7CptGIeb0I:nVMSZQLF4+ANbP4rK7CpxebL

Score

10^/10

gozi discovery isfb

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  a3ce5f871cc8d68100f16fe1ce133b899e220984a853e74f333ed07bd94eb4fc
- Size
  
  7.0MB
- MD5
  
  fad4f04864c8024b662b8ee6cf4776b1
- SHA1
  
  82e43f634647260c0cd884dc1f358f6f7ef18829
- SHA256
  
  a3ce5f871cc8d68100f16fe1ce133b899e220984a853e74f333ed07bd94eb4fc
- SHA512
  
  c346165389b284b7d3358b596e971e570474590c3e46ad517c54736d1f7311e8cb98f2981b6f00b990ae031d0a1051daa929997bb6ba3fe9b7162627849bdc8d
- SSDEEP
  
  12288:Qq8ioJBhBZZRppBRhxxBJJBBp5BRBJJ5hBRpxxhJ5ppBJ5xBJJBRxBxRRRxB55Bk:Qq8io7ioxmQ55A06Z
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2