gozi | 533d3cf83059578d8e71085c864f5baef27fbb36b2b60a5d6f8d2eef5366aca9 | Triage

Sharing

General

Target

533d3cf83059578d8e71085c864f5baef27fbb36b2b60a5d6f8d2eef5366aca9
Size

364KB
Sample

241024-3fyt2sxekn
MD5

25816ed091fb253a041273ea39d83311
SHA1

3a2e216d9617ab18a27fde7c10ab9e6b525f7a77
SHA256

533d3cf83059578d8e71085c864f5baef27fbb36b2b60a5d6f8d2eef5366aca9
SHA512

b443fbe736e27b2c5002263f97e2ca127cdaedfd0b185ee1a03709aee1d60a93d48ecf797b25f3d52ad7888e1cbf08a1ee26616d58c73f25b6750518cb2fb370
SSDEEP

1536:hgq0gzXF8CvrJ4PBhDP35ii6hRflProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:hgqxh8k6DP3Z6hJltOrWKDBr+yJb

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  533d3cf83059578d8e71085c864f5baef27fbb36b2b60a5d6f8d2eef5366aca9
- Size
  
  364KB
- MD5
  
  25816ed091fb253a041273ea39d83311
- SHA1
  
  3a2e216d9617ab18a27fde7c10ab9e6b525f7a77
- SHA256
  
  533d3cf83059578d8e71085c864f5baef27fbb36b2b60a5d6f8d2eef5366aca9
- SHA512
  
  b443fbe736e27b2c5002263f97e2ca127cdaedfd0b185ee1a03709aee1d60a93d48ecf797b25f3d52ad7888e1cbf08a1ee26616d58c73f25b6750518cb2fb370
- SSDEEP
  
  1536:hgq0gzXF8CvrJ4PBhDP35ii6hRflProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:hgqxh8k6DP3Z6hJltOrWKDBr+yJb
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

gozibankerdiscoveryisfbtrojan