gozi | f2096c1e029df99c83b86d6798f545afa9b3c121ab5f8b9ced07bcc349a22230 | Triage

Sharing

General

Target

6114e009c42369ad7dcb6c090ffaf2e4_JaffaCakes118
Size

350KB
Sample

241020-jgbw5aydkp
MD5

6114e009c42369ad7dcb6c090ffaf2e4
SHA1

31e8af3e1cc33aea5e3c5bcd93418f68fba1266c
SHA256

f2096c1e029df99c83b86d6798f545afa9b3c121ab5f8b9ced07bcc349a22230
SHA512

c7f96f9b28aa096e710a2abf9786ae5578e086d0256226e7a0525da488911aafd0ea34161b05014d6ea19a8cf25f8dff4a148f56699406d9131f2b790f3d897d
SSDEEP

6144:RukiCIXQRFUPRLLHpsn4k54JMWmaF0oc:R0vXqFMFHps4kGeuz

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Attributes

build
217039

Targets

- Target
  
  6114e009c42369ad7dcb6c090ffaf2e4_JaffaCakes118
- Size
  
  350KB
- MD5
  
  6114e009c42369ad7dcb6c090ffaf2e4
- SHA1
  
  31e8af3e1cc33aea5e3c5bcd93418f68fba1266c
- SHA256
  
  f2096c1e029df99c83b86d6798f545afa9b3c121ab5f8b9ced07bcc349a22230
- SHA512
  
  c7f96f9b28aa096e710a2abf9786ae5578e086d0256226e7a0525da488911aafd0ea34161b05014d6ea19a8cf25f8dff4a148f56699406d9131f2b790f3d897d
- SSDEEP
  
  6144:RukiCIXQRFUPRLLHpsn4k54JMWmaF0oc:R0vXqFMFHps4kGeuz
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojan

behavioral2

gozibankerdiscoveryisfbtrojan