gozi | b7b61d19b86922f23e094a36cadf0a5678b4a6876625103bfb50f3d481de33ca | Triage

Sharing

General

Target

f223d57af3bd429fc77c751d3cbe695f_JaffaCakes118
Size

350KB
Sample

241215-ecs8dssrft
MD5

f223d57af3bd429fc77c751d3cbe695f
SHA1

9b0d57d357e198f82ba5314b4445b84334dc5690
SHA256

b7b61d19b86922f23e094a36cadf0a5678b4a6876625103bfb50f3d481de33ca
SHA512

e2c4a6e437269589628f5239ec0e8a1557ff794d723cf2dfee6c29564b6c8a5b1c77ae72c86b46d415d5e70654812623e3f8761a2d12a834d3583827fdcbf406
SSDEEP

6144:RukiCIXQRFUPRLLHpsn4kk4JMWmaF0oc:R0vXqFMFHps4kZeuz

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Attributes

build
217039

Targets

- Target
  
  f223d57af3bd429fc77c751d3cbe695f_JaffaCakes118
- Size
  
  350KB
- MD5
  
  f223d57af3bd429fc77c751d3cbe695f
- SHA1
  
  9b0d57d357e198f82ba5314b4445b84334dc5690
- SHA256
  
  b7b61d19b86922f23e094a36cadf0a5678b4a6876625103bfb50f3d481de33ca
- SHA512
  
  e2c4a6e437269589628f5239ec0e8a1557ff794d723cf2dfee6c29564b6c8a5b1c77ae72c86b46d415d5e70654812623e3f8761a2d12a834d3583827fdcbf406
- SSDEEP
  
  6144:RukiCIXQRFUPRLLHpsn4kk4JMWmaF0oc:R0vXqFMFHps4kZeuz
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojan

behavioral2

gozibankerdiscoveryisfbtrojan