gozi | 760bacd8f9f7fe6cd701e510d21b768edd9d0805d4b82b332c849b0ba48456cc | Triage

Sharing

General

Target

372d075e782b781587e1018171e435f2_JaffaCakes118
Size

350KB
Sample

241011-2m8r6axhqh
MD5

372d075e782b781587e1018171e435f2
SHA1

e1dabd0f750b26f603ba0af7ab2e486618e8cc56
SHA256

760bacd8f9f7fe6cd701e510d21b768edd9d0805d4b82b332c849b0ba48456cc
SHA512

98158591b132be39c4ab69f1c497a59a852b39be94cb2e788322936c774166024ab45457dc73debb60c018576ff7856ff2b97e3d6f1c2c22a1784bb9c4da1322
SSDEEP

6144:RukiCIXQRFUPRLLHpsn4kI4JMWmaF0oc:R0vXqFMFHps4k9euz

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Attributes

build
217039

Targets

- Target
  
  372d075e782b781587e1018171e435f2_JaffaCakes118
- Size
  
  350KB
- MD5
  
  372d075e782b781587e1018171e435f2
- SHA1
  
  e1dabd0f750b26f603ba0af7ab2e486618e8cc56
- SHA256
  
  760bacd8f9f7fe6cd701e510d21b768edd9d0805d4b82b332c849b0ba48456cc
- SHA512
  
  98158591b132be39c4ab69f1c497a59a852b39be94cb2e788322936c774166024ab45457dc73debb60c018576ff7856ff2b97e3d6f1c2c22a1784bb9c4da1322
- SSDEEP
  
  6144:RukiCIXQRFUPRLLHpsn4kI4JMWmaF0oc:R0vXqFMFHps4k9euz
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojan

behavioral2

gozibankerdiscoveryisfbtrojan