gozi | f6b0df5f84e29476f1479ae68a283c70cdbda201dde8fed1c8ff78fdcae78988 | Triage

Sharing

General

Target

bf647a1d55c0208b2acd3a34043dc2d5_JaffaCakes118
Size

176KB
Sample

241203-1qkztswldy
MD5

bf647a1d55c0208b2acd3a34043dc2d5
SHA1

a78e6800d417e3cf104878fdecebace2e7760fe6
SHA256

f6b0df5f84e29476f1479ae68a283c70cdbda201dde8fed1c8ff78fdcae78988
SHA512

2c021f8af94aec8b805cde715a005e2eb1f612df66c76972458fbd7d99aa16644fd22f21f2f578737fea73653a3378e1eb7640d8ae80db0888576e491f2aa3ac
SSDEEP

3072:1FIcnxeZ7q+edZnYAeoCuPIw8n4BXhTKSdEnl3Fz3n+c7i4HyuI:Fx2e3YARCurXhdcOiI

Score

10^/10

gozi discovery isfb

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  bf647a1d55c0208b2acd3a34043dc2d5_JaffaCakes118
- Size
  
  176KB
- MD5
  
  bf647a1d55c0208b2acd3a34043dc2d5
- SHA1
  
  a78e6800d417e3cf104878fdecebace2e7760fe6
- SHA256
  
  f6b0df5f84e29476f1479ae68a283c70cdbda201dde8fed1c8ff78fdcae78988
- SHA512
  
  2c021f8af94aec8b805cde715a005e2eb1f612df66c76972458fbd7d99aa16644fd22f21f2f578737fea73653a3378e1eb7640d8ae80db0888576e491f2aa3ac
- SSDEEP
  
  3072:1FIcnxeZ7q+edZnYAeoCuPIw8n4BXhTKSdEnl3Fz3n+c7i4HyuI:Fx2e3YARCurXhdcOiI
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2