gozi | 77261eafa1b807039505edf48a8d848ff97f6b4062c4a273725d8142101c50ab | Triage

Sharing

General

Target

8469cc80a51fd02d6aa302a2fe7562e5_JaffaCakes118
Size

350KB
Sample

241101-nl7lta1alk
MD5

8469cc80a51fd02d6aa302a2fe7562e5
SHA1

560ba998a01af6bcb0522fdd8a72eab781f4f0c7
SHA256

77261eafa1b807039505edf48a8d848ff97f6b4062c4a273725d8142101c50ab
SHA512

8ff62e51f3d483b4b08e4898f9f57f7dd7d18cb72bee94ea9dc37076e50cb848ce9de5e9d17f7233bdd1542bce94aa2aa7f58ce0170184789104d105c7bad26a
SSDEEP

6144:RukiCIXQRFUPRLLHpsn4k/4JMWmaF0oc:R0vXqFMFHps4kQeuz

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Attributes

build
217039

Targets

- Target
  
  8469cc80a51fd02d6aa302a2fe7562e5_JaffaCakes118
- Size
  
  350KB
- MD5
  
  8469cc80a51fd02d6aa302a2fe7562e5
- SHA1
  
  560ba998a01af6bcb0522fdd8a72eab781f4f0c7
- SHA256
  
  77261eafa1b807039505edf48a8d848ff97f6b4062c4a273725d8142101c50ab
- SHA512
  
  8ff62e51f3d483b4b08e4898f9f57f7dd7d18cb72bee94ea9dc37076e50cb848ce9de5e9d17f7233bdd1542bce94aa2aa7f58ce0170184789104d105c7bad26a
- SSDEEP
  
  6144:RukiCIXQRFUPRLLHpsn4k/4JMWmaF0oc:R0vXqFMFHps4kQeuz
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojan

behavioral2

gozibankerdiscoveryisfbtrojan