gozi | 6d49983e65549c5a36b43c14ae4a0fbf126bbb3291ebdf5b31b0cc7219646909 | Triage

Submit
Reports

Overview

overview

Static

static

3

a8b931811e...18.exe

windows7-x64

a8b931811e...18.exe

windows10-2004-x64

3

Sharing

General

Target

a8b931811e8a8bdb83e0aff2e1c6e560_JaffaCakes118
Size

576KB
Sample

240614-kbelhawcpj
MD5

a8b931811e8a8bdb83e0aff2e1c6e560
SHA1

b0e06e950016a5a4ae574bb14334fa629708a67a
SHA256

6d49983e65549c5a36b43c14ae4a0fbf126bbb3291ebdf5b31b0cc7219646909
SHA512

35739a276e901e9ee66f6f2a3e9638ca4895635068685957866d2831fd4d4cb72a1d0b0d81932abf8f162a0e3d1bf8e7c6c515cf931ba9711a9d4cce678028d6
SSDEEP

12288:76v/QO1vCNvRDKh214aEl/zNRnVIOgCTW06KZ9nisXz:76v/Q4CNpDKMylrdIdy6G9is

Score

10^/10

gozi banker isfb trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a8b931811e8a8bdb83e0aff2e1c6e560_JaffaCakes118.exe

Resource

win7-20240508-en

gozi banker isfb trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

a8b931811e8a8bdb83e0aff2e1c6e560_JaffaCakes118.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  a8b931811e8a8bdb83e0aff2e1c6e560_JaffaCakes118
- Size
  
  576KB
- MD5
  
  a8b931811e8a8bdb83e0aff2e1c6e560
- SHA1
  
  b0e06e950016a5a4ae574bb14334fa629708a67a
- SHA256
  
  6d49983e65549c5a36b43c14ae4a0fbf126bbb3291ebdf5b31b0cc7219646909
- SHA512
  
  35739a276e901e9ee66f6f2a3e9638ca4895635068685957866d2831fd4d4cb72a1d0b0d81932abf8f162a0e3d1bf8e7c6c515cf931ba9711a9d4cce678028d6
- SSDEEP
  
  12288:76v/QO1vCNvRDKh214aEl/zNRnVIOgCTW06KZ9nisXz:76v/Q4CNpDKMylrdIdy6G9is
Score

10^/10

gozi banker isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozibankerisfbtrojan

behavioral2

© 2018-2024

Terms | Privacy