gozi | dcf0da28914f7b69ce916ae7d8e1d97503123529a8ccd09ea969c62edb632823 | Triage

Sharing

General

Target

d6c34f945275da47fce9f49b484fc3f2_JaffaCakes118
Size

188KB
Sample

240909-vpsemasaqa
MD5

d6c34f945275da47fce9f49b484fc3f2
SHA1

89ccf7cbbd13313fb243b9eae569a08816c9fe85
SHA256

dcf0da28914f7b69ce916ae7d8e1d97503123529a8ccd09ea969c62edb632823
SHA512

c9b14299340e7cabfee3947d216a2d3d6d1dcf7d94c1a5595e66fb66670a5541e38219bc352878e8c917f4e80f6d333920e8323a0ccb8252fe0f973eba7bc0e2
SSDEEP

3072:zta7IjIAU85UV4WthBgW02068YCiZn7ik6RxOjpqPG7w:zaIjIQVWhZ0dYDnPCxI

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  d6c34f945275da47fce9f49b484fc3f2_JaffaCakes118
- Size
  
  188KB
- MD5
  
  d6c34f945275da47fce9f49b484fc3f2
- SHA1
  
  89ccf7cbbd13313fb243b9eae569a08816c9fe85
- SHA256
  
  dcf0da28914f7b69ce916ae7d8e1d97503123529a8ccd09ea969c62edb632823
- SHA512
  
  c9b14299340e7cabfee3947d216a2d3d6d1dcf7d94c1a5595e66fb66670a5541e38219bc352878e8c917f4e80f6d333920e8323a0ccb8252fe0f973eba7bc0e2
- SSDEEP
  
  3072:zta7IjIAU85UV4WthBgW02068YCiZn7ik6RxOjpqPG7w:zaIjIQVWhZ0dYDnPCxI
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojan

behavioral2

gozibankerdiscoveryisfbtrojan