gozi | 70f8e4d44eb5bc394c0ec47aadacf8e73f43b608ef65865ead7dcd1e14bd69a6 | Triage

Submit
Reports

Overview

overview

Static

static

3

9ce68ab581...18.exe

windows7-x64

9ce68ab581...18.exe

windows10-2004-x64

3

Sharing

General

Target

9ce68ab58140895c002c127254414250_JaffaCakes118
Size

480KB
Sample

240611-ee6aqstbkc
MD5

9ce68ab58140895c002c127254414250
SHA1

691c97b8ea9d9aa13c80cbf4b107aeb8fca7515a
SHA256

70f8e4d44eb5bc394c0ec47aadacf8e73f43b608ef65865ead7dcd1e14bd69a6
SHA512

a2d196d1116f6fdc2b3a1e41dff3453ac84348db09b7bf0e5391f19257096beb76c7c9a1622730ae8c4ead6fac3fc2f43e1a690d4d7b19bab88a4e47afed56a5
SSDEEP

6144:bbvTe6tY1N1yj644Jh/Vc6n+0gDlkcyLzzs2rOSjAf98mLCCLkZsqQoL4:bbre6tC1J/WkbzzseO7tJ

Score

10^/10

gozi banker isfb trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9ce68ab58140895c002c127254414250_JaffaCakes118.exe

Resource

win7-20240221-en

gozi banker isfb trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

9ce68ab58140895c002c127254414250_JaffaCakes118.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  9ce68ab58140895c002c127254414250_JaffaCakes118
- Size
  
  480KB
- MD5
  
  9ce68ab58140895c002c127254414250
- SHA1
  
  691c97b8ea9d9aa13c80cbf4b107aeb8fca7515a
- SHA256
  
  70f8e4d44eb5bc394c0ec47aadacf8e73f43b608ef65865ead7dcd1e14bd69a6
- SHA512
  
  a2d196d1116f6fdc2b3a1e41dff3453ac84348db09b7bf0e5391f19257096beb76c7c9a1622730ae8c4ead6fac3fc2f43e1a690d4d7b19bab88a4e47afed56a5
- SSDEEP
  
  6144:bbvTe6tY1N1yj644Jh/Vc6n+0gDlkcyLzzs2rOSjAf98mLCCLkZsqQoL4:bbre6tC1J/WkbzzseO7tJ
Score

10^/10

gozi banker isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozibankerisfbtrojan

behavioral2

© 2018-2024

Terms | Privacy