gozi | 6c067b7366e89e290c96deb271e18e8becf2f2ae0b83ad11a8254b226f109bb6 | Triage

Submit
Reports

Overview

overview

Static

static

3

b0589f2233...18.exe

windows7-x64

b0589f2233...18.exe

windows10-2004-x64

Sharing

General

Target

b0589f223333abed87ffc746672a6595_JaffaCakes118
Size

293KB
Sample

240615-12vcmswfkb
MD5

b0589f223333abed87ffc746672a6595
SHA1

6b058d76652e45e4d206e552be6ce1d66a5493f8
SHA256

6c067b7366e89e290c96deb271e18e8becf2f2ae0b83ad11a8254b226f109bb6
SHA512

df297bae84ead8bd10f02809da268094ec7e5a66d863a1eb2221d01762380daabbe61a91d0fdcfb0d0b8534a29d2ec3a3b30325047bb1b8fe38cced604140fc2
SSDEEP

6144:3s5dp/xuOu11LdlvrF/vG3UvGeDZkKMEY5RA:3slW1LPDFW3UvGwjY5RA

Score

10^/10

gozi banker isfb trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b0589f223333abed87ffc746672a6595_JaffaCakes118.exe

Resource

win7-20240611-en

gozi banker isfb trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

b0589f223333abed87ffc746672a6595_JaffaCakes118.exe

Resource

win10v2004-20240611-en

gozi banker isfb trojan

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  b0589f223333abed87ffc746672a6595_JaffaCakes118
- Size
  
  293KB
- MD5
  
  b0589f223333abed87ffc746672a6595
- SHA1
  
  6b058d76652e45e4d206e552be6ce1d66a5493f8
- SHA256
  
  6c067b7366e89e290c96deb271e18e8becf2f2ae0b83ad11a8254b226f109bb6
- SHA512
  
  df297bae84ead8bd10f02809da268094ec7e5a66d863a1eb2221d01762380daabbe61a91d0fdcfb0d0b8534a29d2ec3a3b30325047bb1b8fe38cced604140fc2
- SSDEEP
  
  6144:3s5dp/xuOu11LdlvrF/vG3UvGeDZkKMEY5RA:3slW1LPDFW3UvGwjY5RA
Score

10^/10

gozi banker isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozibankerisfbtrojan

behavioral2

gozibankerisfbtrojan

© 2018-2024

Terms | Privacy