gozi | 968bda985015ce75357321a8e69c8729e4859a8442c845b03b848db6014305e3 | Triage

Sharing

General

Target

1afe186bee980790a4cfde35c4ac016f_JaffaCakes118
Size

323KB
Sample

241007-czxszsvard
MD5

1afe186bee980790a4cfde35c4ac016f
SHA1

565ffc32420a77059ae86197fed04a41aaa41a60
SHA256

968bda985015ce75357321a8e69c8729e4859a8442c845b03b848db6014305e3
SHA512

cc377d6b5c3fcdd37253c8f91ab1a86d2e1711550b5e9f527fb0205f1ecccbe238f9ab4d2e064ec6d5b22029e60e3b3ca99774c109947d9b06dc23288b40dbff
SSDEEP

6144:ZUMcOTnGZ4Rt+tMFi3hnuHtFRDoWDpg1vX81b9+:Zx7gIt2VuFDoW9CvsC

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  1afe186bee980790a4cfde35c4ac016f_JaffaCakes118
- Size
  
  323KB
- MD5
  
  1afe186bee980790a4cfde35c4ac016f
- SHA1
  
  565ffc32420a77059ae86197fed04a41aaa41a60
- SHA256
  
  968bda985015ce75357321a8e69c8729e4859a8442c845b03b848db6014305e3
- SHA512
  
  cc377d6b5c3fcdd37253c8f91ab1a86d2e1711550b5e9f527fb0205f1ecccbe238f9ab4d2e064ec6d5b22029e60e3b3ca99774c109947d9b06dc23288b40dbff
- SSDEEP
  
  6144:ZUMcOTnGZ4Rt+tMFi3hnuHtFRDoWDpg1vX81b9+:Zx7gIt2VuFDoW9CvsC
Score

10^/10

gozi banker isfb trojan discovery
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerisfbtrojan

behavioral2

gozibankerdiscoveryisfbtrojan