gozi | d838324394d383b2b78b3986c96d5ed3266051a147d30e0d3739203a41d74595 | Triage

Sharing

General

Target

6a459bb54618eba5e126b29171ee03b8_JaffaCakes118
Size

116KB
Sample

241022-nmpgmasfnc
MD5

6a459bb54618eba5e126b29171ee03b8
SHA1

0d984acd617133e29f624fd53904cebec1acd46e
SHA256

d838324394d383b2b78b3986c96d5ed3266051a147d30e0d3739203a41d74595
SHA512

6e44b0020525db7c27a55eebab1bf974456de8f2a48f0f9bb132f2f4dc7ffcb6aac4d83fa3116c67f5b5f7c860851b4ebfc633a74a81945bb5e86c4473252e3e
SSDEEP

3072:yy8Rxs9N2aZ5VJuFScyCdZ14nAGSHqZymbm4RRZsKwHqFn:yyAx4IaZ5VJ7XE1mAGJ7m4RRiKwM

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  6a459bb54618eba5e126b29171ee03b8_JaffaCakes118
- Size
  
  116KB
- MD5
  
  6a459bb54618eba5e126b29171ee03b8
- SHA1
  
  0d984acd617133e29f624fd53904cebec1acd46e
- SHA256
  
  d838324394d383b2b78b3986c96d5ed3266051a147d30e0d3739203a41d74595
- SHA512
  
  6e44b0020525db7c27a55eebab1bf974456de8f2a48f0f9bb132f2f4dc7ffcb6aac4d83fa3116c67f5b5f7c860851b4ebfc633a74a81945bb5e86c4473252e3e
- SSDEEP
  
  3072:yy8Rxs9N2aZ5VJuFScyCdZ14nAGSHqZymbm4RRZsKwHqFn:yyAx4IaZ5VJ7XE1mAGJ7m4RRiKwM
Score

10^/10

gozi banker isfb trojan discovery
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerisfbtrojan

behavioral2

gozibankerdiscoveryisfbtrojan