gozi | 17a9bf31abdc0baabd6f26b3fa67d2f169f533ef04496b7943667414bcd539c2 | Triage

Sharing

General

Target

cbde54ccc3c13fe82a442ead8d2103e4_JaffaCakes118
Size

350KB
Sample

241206-jqnmaaxld1
MD5

cbde54ccc3c13fe82a442ead8d2103e4
SHA1

e968914a83611a888cfbd131fd0c452821de20be
SHA256

17a9bf31abdc0baabd6f26b3fa67d2f169f533ef04496b7943667414bcd539c2
SHA512

6b3b21e1c5d780b5376c9e08df218cb0581f2cc981a66b5aa2b4c43a09df6477f5928cc767a6d8122dd25f35f9ac21df5b7124465a0d6c1c50e1440f91b73d1e
SSDEEP

6144:RukiCIXQRFUPRLLHpsn4kH4JMWmaF0oc:R0vXqFMFHps4kYeuz

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Attributes

build
217039

Targets

- Target
  
  cbde54ccc3c13fe82a442ead8d2103e4_JaffaCakes118
- Size
  
  350KB
- MD5
  
  cbde54ccc3c13fe82a442ead8d2103e4
- SHA1
  
  e968914a83611a888cfbd131fd0c452821de20be
- SHA256
  
  17a9bf31abdc0baabd6f26b3fa67d2f169f533ef04496b7943667414bcd539c2
- SHA512
  
  6b3b21e1c5d780b5376c9e08df218cb0581f2cc981a66b5aa2b4c43a09df6477f5928cc767a6d8122dd25f35f9ac21df5b7124465a0d6c1c50e1440f91b73d1e
- SSDEEP
  
  6144:RukiCIXQRFUPRLLHpsn4kH4JMWmaF0oc:R0vXqFMFHps4kYeuz
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojan

behavioral2

gozibankerdiscoveryisfbtrojan