gozi | 73d17a5f37103e91c09dff0c3de4a48850bd7bbf7f1cf833b934f9ac0505457a | Triage

Sharing

General

Target

b013b3649693cca60667997c761bdbf0N
Size

364KB
Sample

240908-fq7tdaybmp
MD5

b013b3649693cca60667997c761bdbf0
SHA1

0bdffe6be67b997563c2341a58082cb7a0d72cab
SHA256

73d17a5f37103e91c09dff0c3de4a48850bd7bbf7f1cf833b934f9ac0505457a
SHA512

c5f2f436312ece8cf56b4857ea792370925927369a5dda0ea5da982e260c4346de11b06ee3fedfd43acf07960f9340074665296b8aaf6d859ac019c07b5124c5
SSDEEP

1536:zzXF8CvrJ4PBhDP35t6h/lProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:zh8k6DP376h/ltOrWKDBr+yJb

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  b013b3649693cca60667997c761bdbf0N
- Size
  
  364KB
- MD5
  
  b013b3649693cca60667997c761bdbf0
- SHA1
  
  0bdffe6be67b997563c2341a58082cb7a0d72cab
- SHA256
  
  73d17a5f37103e91c09dff0c3de4a48850bd7bbf7f1cf833b934f9ac0505457a
- SHA512
  
  c5f2f436312ece8cf56b4857ea792370925927369a5dda0ea5da982e260c4346de11b06ee3fedfd43acf07960f9340074665296b8aaf6d859ac019c07b5124c5
- SSDEEP
  
  1536:zzXF8CvrJ4PBhDP35t6h/lProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:zh8k6DP376h/ltOrWKDBr+yJb
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

gozibankerdiscoveryisfbtrojan