gozi | ea0fa26e35d85a72597371bcf4a8c1605043c7407512ac6b2292df2f9468c6a1 | Triage

Sharing

General

Target

d7d7963db303b7946d0cf74aa2472a00_JaffaCakes118
Size

276KB
Sample

240910-jv3xrstbpj
MD5

d7d7963db303b7946d0cf74aa2472a00
SHA1

b80b18ea03e9e5c6211b38491271f2e09141268b
SHA256

ea0fa26e35d85a72597371bcf4a8c1605043c7407512ac6b2292df2f9468c6a1
SHA512

371f09e5ed4a5ec2387590e38022baae620a1a3f54d3211374721de9c5b5f33943a2db4c36f3d4ffbe680aab9eaed51b953cef92f23e11454e2586c244e51951
SSDEEP

6144:xQazKCXlgreuP/DIi1wZ6PBE8hHlwYdRudwMl7Bz3Odku4RG0Xmc:jK+lg6I/Dn1O6PGxoRGwMlYdkHw0XN

Score

10^/10

gozi discovery isfb

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  d7d7963db303b7946d0cf74aa2472a00_JaffaCakes118
- Size
  
  276KB
- MD5
  
  d7d7963db303b7946d0cf74aa2472a00
- SHA1
  
  b80b18ea03e9e5c6211b38491271f2e09141268b
- SHA256
  
  ea0fa26e35d85a72597371bcf4a8c1605043c7407512ac6b2292df2f9468c6a1
- SHA512
  
  371f09e5ed4a5ec2387590e38022baae620a1a3f54d3211374721de9c5b5f33943a2db4c36f3d4ffbe680aab9eaed51b953cef92f23e11454e2586c244e51951
- SSDEEP
  
  6144:xQazKCXlgreuP/DIi1wZ6PBE8hHlwYdRudwMl7Bz3Odku4RG0Xmc:jK+lg6I/Dn1O6PGxoRGwMlYdkHw0XN
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2