General

  • Target

    0eb67d089c4a63ee17697c804eaafe20N.exe

  • Size

    364KB

  • Sample

    240814-r2ahssxfng

  • MD5

    0eb67d089c4a63ee17697c804eaafe20

  • SHA1

    621b73ec9bc3c71ee091c280ef29cd0524769d7f

  • SHA256

    81f726468be3eff8a2232233ee64bbbad5ec9ceb6ff3286fbab26133b662e96a

  • SHA512

    0ccb3214ec6d05bb28493274fc9472ebd8fba9a0031c4976d50efed0da281b4d6b795de324f2b3e568c398afc97507b535920ef3e538b053e42b0b583ab1e652

  • SSDEEP

    1536:pzXF8CvrJ4PBhDP35h6hHlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:ph8k6DP3L6hHltOrWKDBr+yJb

Malware Config

Extracted

Family

gozi

Targets

    • Target

      0eb67d089c4a63ee17697c804eaafe20N.exe

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.
