General

  • Target

    2025-03-19_b682f3c45ca706c9141fff5b92de078d_icedid_remcos

  • Size

    3.4MB

  • Sample

    250319-nvrxqawtcx

  • MD5

    b682f3c45ca706c9141fff5b92de078d

  • SHA1

    40716300aa31e11e3030fcc850bc6e6085b8046e

  • SHA256

    2b1cd646c06c8718484b40a09829ebb74bbbbb1fa3f7736e9a03ba4447b9f892

  • SHA512

    e12e212891b2e250f2bbdb39adf58eb6ed70aebf4bfcf8177fbf6bba4fca0ef73c0e79e9b2e0c07b76c9dc898f5c1a36896b5b62e27121f79782ca5d7246fac3

  • SSDEEP

    49152:fPO9Of2JPfmq71L5lfuRRCNfvJgw/0kiz0PccRTRJ6Qn:n7UPfmqHlfuRMNfvJgp7accRrb

Malware Config

  • Extracted

    Family

    gozi

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Gozi family

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks