gozi | 60ec9838522ebad66ab2ff8a9f95b46a1e2fcbfa69f2b3def374f02d588ce7c3 | Triage

Submit
Reports

Overview

overview

Static

static

5

60ec983852...c3.exe

windows7-x64

60ec983852...c3.exe

windows10-2004-x64

Sharing

General

Target

60ec9838522ebad66ab2ff8a9f95b46a1e2fcbfa69f2b3def374f02d588ce7c3
Size

2.5MB
Sample

250306-rzqf8s1ps9
MD5

0758c0a8e2bc20e97be44abf8807cc7b
SHA1

2527e503520ae7f38370f9d72f83a80263556c72
SHA256

60ec9838522ebad66ab2ff8a9f95b46a1e2fcbfa69f2b3def374f02d588ce7c3
SHA512

2411c1ec1c30369cd52d09c0b7b6f64fa698b21d3ac34da5915d90e40c9e7b92dc22427662c373b06986991dae7fb631ab4eb6e7f021c5b717f11dc69c0978c9
SSDEEP

49152:yDHRbmQanLWGS0V67X1KwwoWBJUP1jPcDibBUrvje5tfJ4kLlJa09oi+lnME:yDHRbmQyWPr1LMBWP1jPcDFeN1Llr95F

Score

10^/10

gozi banker discovery isfb trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

60ec9838522ebad66ab2ff8a9f95b46a1e2fcbfa69f2b3def374f02d588ce7c3.exe

Resource

win7-20250207-en

gozi banker discovery isfb trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

60ec9838522ebad66ab2ff8a9f95b46a1e2fcbfa69f2b3def374f02d588ce7c3.exe

Resource

win10v2004-20250217-en

gozi banker discovery isfb trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  60ec9838522ebad66ab2ff8a9f95b46a1e2fcbfa69f2b3def374f02d588ce7c3
- Size
  
  2.5MB
- MD5
  
  0758c0a8e2bc20e97be44abf8807cc7b
- SHA1
  
  2527e503520ae7f38370f9d72f83a80263556c72
- SHA256
  
  60ec9838522ebad66ab2ff8a9f95b46a1e2fcbfa69f2b3def374f02d588ce7c3
- SHA512
  
  2411c1ec1c30369cd52d09c0b7b6f64fa698b21d3ac34da5915d90e40c9e7b92dc22427662c373b06986991dae7fb631ab4eb6e7f021c5b717f11dc69c0978c9
- SSDEEP
  
  49152:yDHRbmQanLWGS0V67X1KwwoWBJUP1jPcDibBUrvje5tfJ4kLlJa09oi+lnME:yDHRbmQyWPr1LMBWP1jPcDFeN1Llr95F
Score

10^/10

gozi banker discovery isfb trojan upx
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozibankerdiscoveryisfbtrojanupx

behavioral2

gozibankerdiscoveryisfbtrojanupx

© 2018-2025

Terms | Privacy