gozi | aa9a506ca13d8d663c05f7455cf4f928713a925a44aeb6010cc96a079eefaf8a | Triage

Sharing

General

Target

d19bd6e0baa47bbb0cc8d86b49a3460b_JaffaCakes118
Size

170KB
Sample

240907-ldz6nawhll
MD5

d19bd6e0baa47bbb0cc8d86b49a3460b
SHA1

f294458bbd5fb605d6a843df06d38edebeb36efb
SHA256

aa9a506ca13d8d663c05f7455cf4f928713a925a44aeb6010cc96a079eefaf8a
SHA512

a43e11423696f2f370c6afa52285ea34179afb0c4492e9a996f35b06023dc0fbc740e5b2518fb5a88c026203699ca7bc1194dfc6a97828dc016d05be3eb2dced
SSDEEP

3072:7ntqV+hja0FlPwGJXzHEmpNXISfrNQv9w8ESYcZV/UUW3na4w:zgme03PwGJXYmpdISfr7S5VUUkc

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  d19bd6e0baa47bbb0cc8d86b49a3460b_JaffaCakes118
- Size
  
  170KB
- MD5
  
  d19bd6e0baa47bbb0cc8d86b49a3460b
- SHA1
  
  f294458bbd5fb605d6a843df06d38edebeb36efb
- SHA256
  
  aa9a506ca13d8d663c05f7455cf4f928713a925a44aeb6010cc96a079eefaf8a
- SHA512
  
  a43e11423696f2f370c6afa52285ea34179afb0c4492e9a996f35b06023dc0fbc740e5b2518fb5a88c026203699ca7bc1194dfc6a97828dc016d05be3eb2dced
- SSDEEP
  
  3072:7ntqV+hja0FlPwGJXzHEmpNXISfrNQv9w8ESYcZV/UUW3na4w:zgme03PwGJXYmpdISfr7S5VUUkc
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojan

behavioral2

gozibankerdiscoveryisfbtrojan