gozi | a3ca02fdfe8d0ff9fe4f284d4700fd85c6fcff458bf7460ae0b23aa1c1c60ccc | Triage

Sharing

General

Target

a3ca02fdfe8d0ff9fe4f284d4700fd85c6fcff458bf7460ae0b23aa1c1c60ccc.exe
Size

1.2MB
Sample

250301-v8ktwsxmt9
MD5

00d5ae7f7fc3f77ab69da2f9c757f960
SHA1

9794125c9cf362328cff5988dc7af803f38499bd
SHA256

a3ca02fdfe8d0ff9fe4f284d4700fd85c6fcff458bf7460ae0b23aa1c1c60ccc
SHA512

9b4b6567b9d5fa67c82383734ca820123267ac330136acaa4fb6d7291890465685cedd5153a5916c6fedc7a2ba3e25c06a860225610cfccfe27fb96e10bac6ec
SSDEEP

12288:qNyahrrcXVFaXQM265f8IHj+GAULolYCbUhVGOYLG72fERatPKd1rhGSZst/tpxw:q04kuCgsSYhEo3hfZkiZabwXO

Score

10^/10

gozi banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  a3ca02fdfe8d0ff9fe4f284d4700fd85c6fcff458bf7460ae0b23aa1c1c60ccc.exe
- Size
  
  1.2MB
- MD5
  
  00d5ae7f7fc3f77ab69da2f9c757f960
- SHA1
  
  9794125c9cf362328cff5988dc7af803f38499bd
- SHA256
  
  a3ca02fdfe8d0ff9fe4f284d4700fd85c6fcff458bf7460ae0b23aa1c1c60ccc
- SHA512
  
  9b4b6567b9d5fa67c82383734ca820123267ac330136acaa4fb6d7291890465685cedd5153a5916c6fedc7a2ba3e25c06a860225610cfccfe27fb96e10bac6ec
- SSDEEP
  
  12288:qNyahrrcXVFaXQM265f8IHj+GAULolYCbUhVGOYLG72fERatPKd1rhGSZst/tpxw:q04kuCgsSYhEo3hfZkiZabwXO
Score

10^/10

gozi banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojan

behavioral2

gozibankerdiscoveryisfbtrojan