gozi | fcd17aca9b9012d7dfa244459f648c1c2abb804af855bb9f7227598f6992b4ae | Triage

Submit
Reports

Overview

overview

Static

static

5

cd46199b42...18.exe

windows7-x64

cd46199b42...18.exe

windows10-2004-x64

7

Sharing

General

Target

cd46199b4207d5b74af1113af0d8137f_JaffaCakes118
Size

2.9MB
Sample

241206-qvenhawjgj
MD5

cd46199b4207d5b74af1113af0d8137f
SHA1

ba360315b70d581659341bbe04ca6c68c7b781a3
SHA256

fcd17aca9b9012d7dfa244459f648c1c2abb804af855bb9f7227598f6992b4ae
SHA512

1fed841b01bd04a8620faa351e2772a0fca84e55bb9529c7fcc1415f188ddeeec65d14fe1d8e2ed189f0e1bb09c8699af6fcebf41c113cf1af6c37e539314819
SSDEEP

49152:6ueHHM0xU2dACqa+Ny4EcEy/bXisjP4M338dB2IBlGuuDVUsdxxjeQZwxPYRKs:6ueHnICqty4OSbXXgg3gnl/IVUs1jePs

Score

10^/10

gozi banker discovery isfb trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

cd46199b4207d5b74af1113af0d8137f_JaffaCakes118.exe

Resource

win7-20241010-en

gozi banker discovery isfb trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

cd46199b4207d5b74af1113af0d8137f_JaffaCakes118.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  cd46199b4207d5b74af1113af0d8137f_JaffaCakes118
- Size
  
  2.9MB
- MD5
  
  cd46199b4207d5b74af1113af0d8137f
- SHA1
  
  ba360315b70d581659341bbe04ca6c68c7b781a3
- SHA256
  
  fcd17aca9b9012d7dfa244459f648c1c2abb804af855bb9f7227598f6992b4ae
- SHA512
  
  1fed841b01bd04a8620faa351e2772a0fca84e55bb9529c7fcc1415f188ddeeec65d14fe1d8e2ed189f0e1bb09c8699af6fcebf41c113cf1af6c37e539314819
- SSDEEP
  
  49152:6ueHHM0xU2dACqa+Ny4EcEy/bXisjP4M338dB2IBlGuuDVUsdxxjeQZwxPYRKs:6ueHnICqty4OSbXXgg3gnl/IVUs1jePs
Score

10^/10

gozi banker discovery isfb trojan upx
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojanupx

behavioral2

© 2018-2025

Terms | Privacy