gozi | 2cb4c475804369cbb5b4200540038d393c3e21e42d56ea472d75e38a663271c8 | Triage

Submit
Reports

Overview

overview

Static

static

5

79d5adce12...18.exe

windows7-x64

79d5adce12...18.exe

windows10-2004-x64

7

Sharing

General

Target

79d5adce123b5ac2b43fa6f85cab19f7_JaffaCakes118
Size

113KB
Sample

241028-qmwl2szhnl
MD5

79d5adce123b5ac2b43fa6f85cab19f7
SHA1

b655c1fd76c7e44c5fbf6a12d13f54b4209c626c
SHA256

2cb4c475804369cbb5b4200540038d393c3e21e42d56ea472d75e38a663271c8
SHA512

8ca88e2ad5537654b20e39a760661d73735d24e7263754f8bcc268d278c4e7790c21c31aeeb28f3860ada70ee4547cfa90989300fd8c7ac8fbcffc07f69c504b
SSDEEP

3072:+hzx6tb4TRlr6tne5UXnVUiMRvitdZ9w9XI:+hV9WeaavadZCX

Score

10^/10

gozi banker discovery isfb trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

79d5adce123b5ac2b43fa6f85cab19f7_JaffaCakes118.exe

Resource

win7-20240903-en

gozi banker discovery isfb trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

79d5adce123b5ac2b43fa6f85cab19f7_JaffaCakes118.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  79d5adce123b5ac2b43fa6f85cab19f7_JaffaCakes118
- Size
  
  113KB
- MD5
  
  79d5adce123b5ac2b43fa6f85cab19f7
- SHA1
  
  b655c1fd76c7e44c5fbf6a12d13f54b4209c626c
- SHA256
  
  2cb4c475804369cbb5b4200540038d393c3e21e42d56ea472d75e38a663271c8
- SHA512
  
  8ca88e2ad5537654b20e39a760661d73735d24e7263754f8bcc268d278c4e7790c21c31aeeb28f3860ada70ee4547cfa90989300fd8c7ac8fbcffc07f69c504b
- SSDEEP
  
  3072:+hzx6tb4TRlr6tne5UXnVUiMRvitdZ9w9XI:+hV9WeaavadZCX
Score

10^/10

gozi banker discovery isfb trojan upx
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojanupx

behavioral2

© 2018-2025

Terms | Privacy