gozi | 93a86f29e85507cd4c2a021f3a6b0bccf40bf3519feb5d9fab38dcd97dc63a1b | Triage

Submit
Reports

Overview

overview

Static

static

5

2b99f5abeb...18.exe

windows7-x64

2b99f5abeb...18.exe

windows10-2004-x64

7

Sharing

General

Target

2b99f5abeb2dd426085be3aeddd16d96_JaffaCakes118
Size

1.3MB
Sample

241009-f2g24awgpe
MD5

2b99f5abeb2dd426085be3aeddd16d96
SHA1

44a60dc6e7f016552427e43f6c4e7390e6504f31
SHA256

93a86f29e85507cd4c2a021f3a6b0bccf40bf3519feb5d9fab38dcd97dc63a1b
SHA512

7489a72f89054455a830f5a752bbc41e66c42190acd6c07638ca6ea6f7efd8824a5c2ad2e32e966ce462f9f2a2085839f5bef92dee8e3a8b2e289eaccb8fd434
SSDEEP

24576:fGPpbvJpARCuKTK0tGR+/sKGpt5ozMyKCxRdFKJ1O0lEbtGZI7nlkL27ikXHvG:fYIELe0g+0KGvizMy3dVcEk+naa71X

Score

10^/10

gozi banker discovery isfb trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2b99f5abeb2dd426085be3aeddd16d96_JaffaCakes118.exe

Resource

win7-20240903-en

gozi banker discovery isfb trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

2b99f5abeb2dd426085be3aeddd16d96_JaffaCakes118.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  2b99f5abeb2dd426085be3aeddd16d96_JaffaCakes118
- Size
  
  1.3MB
- MD5
  
  2b99f5abeb2dd426085be3aeddd16d96
- SHA1
  
  44a60dc6e7f016552427e43f6c4e7390e6504f31
- SHA256
  
  93a86f29e85507cd4c2a021f3a6b0bccf40bf3519feb5d9fab38dcd97dc63a1b
- SHA512
  
  7489a72f89054455a830f5a752bbc41e66c42190acd6c07638ca6ea6f7efd8824a5c2ad2e32e966ce462f9f2a2085839f5bef92dee8e3a8b2e289eaccb8fd434
- SSDEEP
  
  24576:fGPpbvJpARCuKTK0tGR+/sKGpt5ozMyKCxRdFKJ1O0lEbtGZI7nlkL27ikXHvG:fYIELe0g+0KGvizMy3dVcEk+naa71X
Score

10^/10

gozi banker discovery isfb trojan upx
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojanupx

behavioral2

© 2018-2025

Terms | Privacy