gozi | 4e2c68509f3117edfc3a403db0e3e39cbd6da25e3acc3e96d37e8fb9bb3d5794 | Triage

Sharing

General

Target

4e2c68509f3117edfc3a403db0e3e39cbd6da25e3acc3e96d37e8fb9bb3d5794N
Size

193KB
Sample

241110-pvsppaxclg
MD5

991f43cff60cc7c7f0fd272540b1bce0
SHA1

852b9190d6e7049857fa1e217a7b08878c4eaef3
SHA256

4e2c68509f3117edfc3a403db0e3e39cbd6da25e3acc3e96d37e8fb9bb3d5794
SHA512

92a576300023da8d2ddbed3b2434e97ec0cc70d4ee463d765f16516ffdb26178d5cde3c3628b9c344cb2b2a92ca1ee68ad9a6133f5b9eda8756761d591022933
SSDEEP

6144:CO9uHzMxo0REaK4uodHqSRqlalq+dnBLzjw:FuHIxoHas4qsqglq+dW

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  4e2c68509f3117edfc3a403db0e3e39cbd6da25e3acc3e96d37e8fb9bb3d5794N
- Size
  
  193KB
- MD5
  
  991f43cff60cc7c7f0fd272540b1bce0
- SHA1
  
  852b9190d6e7049857fa1e217a7b08878c4eaef3
- SHA256
  
  4e2c68509f3117edfc3a403db0e3e39cbd6da25e3acc3e96d37e8fb9bb3d5794
- SHA512
  
  92a576300023da8d2ddbed3b2434e97ec0cc70d4ee463d765f16516ffdb26178d5cde3c3628b9c344cb2b2a92ca1ee68ad9a6133f5b9eda8756761d591022933
- SSDEEP
  
  6144:CO9uHzMxo0REaK4uodHqSRqlalq+dnBLzjw:FuHIxoHas4qsqglq+dW
Score

10^/10

gozi banker discovery trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoverytrojan

behavioral2