gozi | 553818a54ab7a0ced79ab5ed215c8ee56ed0f65a7df2653aa5ac80f4932b255f | Triage

Sharing

General

Target

553818a54ab7a0ced79ab5ed215c8ee56ed0f65a7df2653aa5ac80f4932b255fN
Size

364KB
Sample

241011-ky4txazgqm
MD5

dd3518db317767681f14745cd3d02c50
SHA1

a83f9a42aeed19867f42ada20d391aafd9627d49
SHA256

553818a54ab7a0ced79ab5ed215c8ee56ed0f65a7df2653aa5ac80f4932b255f
SHA512

7ba98a975b5d76e5fb04dd3836148a596013e03f0ba355caa01ff202dd712bccaba80638436c1361b0316a3d6f1bf6e96f168d3da758b232322da5a5ff18eb7c
SSDEEP

1536:rtzXF8CvrJ4PBhDP3596hhlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:rth8k6DP3T6hhltOrWKDBr+yJb

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  553818a54ab7a0ced79ab5ed215c8ee56ed0f65a7df2653aa5ac80f4932b255fN
- Size
  
  364KB
- MD5
  
  dd3518db317767681f14745cd3d02c50
- SHA1
  
  a83f9a42aeed19867f42ada20d391aafd9627d49
- SHA256
  
  553818a54ab7a0ced79ab5ed215c8ee56ed0f65a7df2653aa5ac80f4932b255f
- SHA512
  
  7ba98a975b5d76e5fb04dd3836148a596013e03f0ba355caa01ff202dd712bccaba80638436c1361b0316a3d6f1bf6e96f168d3da758b232322da5a5ff18eb7c
- SSDEEP
  
  1536:rtzXF8CvrJ4PBhDP3596hhlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:rth8k6DP3T6hhltOrWKDBr+yJb
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

gozibankerdiscoveryisfbtrojan