gozi | 894f96849e088ba6559f0f39d6226d0fa11a704328a996bf6567fd3991683631 | Triage

Sharing

General

Target

192445230f3f4982b26df995da5a3ac4_JaffaCakes118
Size

350KB
Sample

241006-wsgb7ssckg
MD5

192445230f3f4982b26df995da5a3ac4
SHA1

ee4649bbb8635e76bcf707efe908fad6acf3620a
SHA256

894f96849e088ba6559f0f39d6226d0fa11a704328a996bf6567fd3991683631
SHA512

63b0c59c90fe370824a315852e20a933a811a9e50ce3d98aca1996fa0be453094c0a74299e7bd28759155851b685e962bea2b94c206d7cb9b8f1e1037cc79dcb
SSDEEP

6144:RukiCIXQRFUPRLLHpsn4kw4JMWmaF0oc:R0vXqFMFHps4kFeuz

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Attributes

build
217039

Targets

- Target
  
  192445230f3f4982b26df995da5a3ac4_JaffaCakes118
- Size
  
  350KB
- MD5
  
  192445230f3f4982b26df995da5a3ac4
- SHA1
  
  ee4649bbb8635e76bcf707efe908fad6acf3620a
- SHA256
  
  894f96849e088ba6559f0f39d6226d0fa11a704328a996bf6567fd3991683631
- SHA512
  
  63b0c59c90fe370824a315852e20a933a811a9e50ce3d98aca1996fa0be453094c0a74299e7bd28759155851b685e962bea2b94c206d7cb9b8f1e1037cc79dcb
- SSDEEP
  
  6144:RukiCIXQRFUPRLLHpsn4kw4JMWmaF0oc:R0vXqFMFHps4kFeuz
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojan

behavioral2

gozibankerdiscoveryisfbtrojan