gozi | fc51a5f57f82929dbc6be215691121acdc4a34b0c6430fe444cec65299901059 | Triage

Sharing

General

Target

e8ea49505079cad08b7529fdc3cdb30e_JaffaCakes118
Size

582KB
Sample

241213-abxf7stndp
MD5

e8ea49505079cad08b7529fdc3cdb30e
SHA1

2fc4ae28cdc8c6b4b5d7553428e5d0e6c3f68848
SHA256

fc51a5f57f82929dbc6be215691121acdc4a34b0c6430fe444cec65299901059
SHA512

ce64b7c33edc893b2ebae18218756ad842e6e71905b2d43e288195125c57f34494ec425cc459c0412a1942bce0f975806da3811c1e668fd0f81943be77afa91f
SSDEEP

12288:i1qteEc9mdm4sYC+SFhcoIqsjwO7wLz1ha5tY0A4VrdSDd+csbiNwomzjmLnr:beEQdYlSPVIqsjT2J0A41uYFbOw5jQr

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  e8ea49505079cad08b7529fdc3cdb30e_JaffaCakes118
- Size
  
  582KB
- MD5
  
  e8ea49505079cad08b7529fdc3cdb30e
- SHA1
  
  2fc4ae28cdc8c6b4b5d7553428e5d0e6c3f68848
- SHA256
  
  fc51a5f57f82929dbc6be215691121acdc4a34b0c6430fe444cec65299901059
- SHA512
  
  ce64b7c33edc893b2ebae18218756ad842e6e71905b2d43e288195125c57f34494ec425cc459c0412a1942bce0f975806da3811c1e668fd0f81943be77afa91f
- SSDEEP
  
  12288:i1qteEc9mdm4sYC+SFhcoIqsjwO7wLz1ha5tY0A4VrdSDd+csbiNwomzjmLnr:beEQdYlSPVIqsjT2J0A41uYFbOw5jQr
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojan

behavioral2

gozibankerdiscoveryisfbtrojan