gozi | e4abdfa09a913c7a45e7acc3e9944fa38dc36af6dd9feef3070e216ca6c51bed | Triage

Sharing

General

Target

9f65088f71e73c4cccd9b8f178dd8929_JaffaCakes118
Size

350KB
Sample

241126-da66ssxjfp
MD5

9f65088f71e73c4cccd9b8f178dd8929
SHA1

eebf7cba8811876c66325dd79e9925d4fae703d8
SHA256

e4abdfa09a913c7a45e7acc3e9944fa38dc36af6dd9feef3070e216ca6c51bed
SHA512

ddc0101637d54b38e3555dd0cec4501919b447efd3e5aa4f2c9def44b79c61140dc050d5731b405c126ae797c648f4ec4894ffef0531a22e0fedfa3cb1ccebb8
SSDEEP

6144:RukiCIXQRFUPRLLHpsn4k84JMWmaF0oc:R0vXqFMFHps4kReuz

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Attributes

build
217039

Targets

- Target
  
  9f65088f71e73c4cccd9b8f178dd8929_JaffaCakes118
- Size
  
  350KB
- MD5
  
  9f65088f71e73c4cccd9b8f178dd8929
- SHA1
  
  eebf7cba8811876c66325dd79e9925d4fae703d8
- SHA256
  
  e4abdfa09a913c7a45e7acc3e9944fa38dc36af6dd9feef3070e216ca6c51bed
- SHA512
  
  ddc0101637d54b38e3555dd0cec4501919b447efd3e5aa4f2c9def44b79c61140dc050d5731b405c126ae797c648f4ec4894ffef0531a22e0fedfa3cb1ccebb8
- SSDEEP
  
  6144:RukiCIXQRFUPRLLHpsn4k84JMWmaF0oc:R0vXqFMFHps4kReuz
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojan

behavioral2

gozibankerdiscoveryisfbtrojan