gozi | a131e5e378fcf1db8f206f3e1bece041b753f1aee67165ee807dd5f6c314f5dd | Triage

Sharing

General

Target

a131e5e378fcf1db8f206f3e1bece041b753f1aee67165ee807dd5f6c314f5dd
Size

364KB
Sample

241126-cek9fsvlhk
MD5

1f9ba8ca3fd82a3f6ef5398745f7aaf8
SHA1

66848c292e4babc8c6b2063b9d5401db60453684
SHA256

a131e5e378fcf1db8f206f3e1bece041b753f1aee67165ee807dd5f6c314f5dd
SHA512

07d8781c2291e73ce56693fc1dd4291ebe35906c66e5a675025026ca7f2c0d22a8292b757c94a3f81d9b47bdd5a50e65b2602eb15f97b58c6be569218ca65c79
SSDEEP

1536:K5zXF8CvrJ4PBhDP35H6hOlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:Wh8k6DP3N6hOltOrWKDBr+yJb

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  a131e5e378fcf1db8f206f3e1bece041b753f1aee67165ee807dd5f6c314f5dd
- Size
  
  364KB
- MD5
  
  1f9ba8ca3fd82a3f6ef5398745f7aaf8
- SHA1
  
  66848c292e4babc8c6b2063b9d5401db60453684
- SHA256
  
  a131e5e378fcf1db8f206f3e1bece041b753f1aee67165ee807dd5f6c314f5dd
- SHA512
  
  07d8781c2291e73ce56693fc1dd4291ebe35906c66e5a675025026ca7f2c0d22a8292b757c94a3f81d9b47bdd5a50e65b2602eb15f97b58c6be569218ca65c79
- SSDEEP
  
  1536:K5zXF8CvrJ4PBhDP35H6hOlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:Wh8k6DP3N6hOltOrWKDBr+yJb
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

gozibankerdiscoveryisfbtrojan