gozi | a1b7b98121b2c297a535d8b9e9814373f2da61795bb5c0161afcf80918c3f65f | Triage

Sharing

General

Target

d3e889988c3746bce980b63117f65b20N
Size

116KB
Sample

240913-m8ptvayfnp
MD5

d3e889988c3746bce980b63117f65b20
SHA1

c24d61f71306413fc23ca8c84ca521021b329585
SHA256

a1b7b98121b2c297a535d8b9e9814373f2da61795bb5c0161afcf80918c3f65f
SHA512

79016eda68faabda81ece9d76eb0654cbe6b38ecef696590f0ec70a9aed49ad35f9a1be2c7eff7760a51df6f14f32e361de8c286856de7467b782b7e817809e2
SSDEEP

3072:epYFY+9vpm6XA8tC/AJCPxIyaJ5p7+sylbaT/cn+:a0Y+q6HfJCPXqAdJaTc+

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  d3e889988c3746bce980b63117f65b20N
- Size
  
  116KB
- MD5
  
  d3e889988c3746bce980b63117f65b20
- SHA1
  
  c24d61f71306413fc23ca8c84ca521021b329585
- SHA256
  
  a1b7b98121b2c297a535d8b9e9814373f2da61795bb5c0161afcf80918c3f65f
- SHA512
  
  79016eda68faabda81ece9d76eb0654cbe6b38ecef696590f0ec70a9aed49ad35f9a1be2c7eff7760a51df6f14f32e361de8c286856de7467b782b7e817809e2
- SSDEEP
  
  3072:epYFY+9vpm6XA8tC/AJCPxIyaJ5p7+sylbaT/cn+:a0Y+q6HfJCPXqAdJaTc+
Score

10^/10

gozi banker isfb trojan discovery
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerisfbtrojan

behavioral2

gozibankerdiscoveryisfbtrojan