gozi | f78c11bff53749e28d2bf0fc40c1adaf0856f984147829f2730bf54020281fea | Triage

Sharing

General

Target

559f94d1d2e58286bc196211447c6100N
Size

364KB
Sample

240910-nla8lstblb
MD5

559f94d1d2e58286bc196211447c6100
SHA1

75ca34f525304c24a2d5f09269d6e302346db04f
SHA256

f78c11bff53749e28d2bf0fc40c1adaf0856f984147829f2730bf54020281fea
SHA512

4963dac22a5feb9ec1db52f4f522b4dc91549fb087626d0cf475a223743b05738a791078d7c05b3b382f8821deb4a1e300ece1466f3d73f2ee892b672bd3f5c6
SSDEEP

1536:BzzXF8CvrJ4PBhDP35n6hGlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:Jh8k6DP3x6hGltOrWKDBr+yJb

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  559f94d1d2e58286bc196211447c6100N
- Size
  
  364KB
- MD5
  
  559f94d1d2e58286bc196211447c6100
- SHA1
  
  75ca34f525304c24a2d5f09269d6e302346db04f
- SHA256
  
  f78c11bff53749e28d2bf0fc40c1adaf0856f984147829f2730bf54020281fea
- SHA512
  
  4963dac22a5feb9ec1db52f4f522b4dc91549fb087626d0cf475a223743b05738a791078d7c05b3b382f8821deb4a1e300ece1466f3d73f2ee892b672bd3f5c6
- SSDEEP
  
  1536:BzzXF8CvrJ4PBhDP35n6hGlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:Jh8k6DP3x6hGltOrWKDBr+yJb
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

gozibankerdiscoveryisfbtrojan