gozi | db74e3d709e55773a8881b7839d17efb41290b6e440e8957419e9efbee310591 | Triage

Sharing

General

Target

db74e3d709e55773a8881b7839d17efb41290b6e440e8957419e9efbee310591
Size

364KB
Sample

241012-dxysyazhna
MD5

6238614c1e81d7b3c4d7a8e96efea4e9
SHA1

f2c7b5e750e498725abd38a6a22de99ba40ed247
SHA256

db74e3d709e55773a8881b7839d17efb41290b6e440e8957419e9efbee310591
SHA512

06f64c7cd03423a899005690d0e630375cfb846f7b7262069f3f2a618e925a42b0699608e1156ad510d844b656660c4bb458d23f50f2524396f85f7c588fb172
SSDEEP

1536:y9mzXF8CvrJ4PBhDP35E6h5jlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:Omh8k6DP3C6hZltOrWKDBr+yJb

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  db74e3d709e55773a8881b7839d17efb41290b6e440e8957419e9efbee310591
- Size
  
  364KB
- MD5
  
  6238614c1e81d7b3c4d7a8e96efea4e9
- SHA1
  
  f2c7b5e750e498725abd38a6a22de99ba40ed247
- SHA256
  
  db74e3d709e55773a8881b7839d17efb41290b6e440e8957419e9efbee310591
- SHA512
  
  06f64c7cd03423a899005690d0e630375cfb846f7b7262069f3f2a618e925a42b0699608e1156ad510d844b656660c4bb458d23f50f2524396f85f7c588fb172
- SSDEEP
  
  1536:y9mzXF8CvrJ4PBhDP35E6h5jlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:Omh8k6DP3C6hZltOrWKDBr+yJb
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

gozibankerdiscoveryisfbtrojan