gozi | 59fc347dac3dd1c78d62393589818b5417ca041d697d155040988b14562bc797 | Triage

Submit
Reports

Overview

overview

Static

static

3

59fc347dac...97.exe

windows10-1703-x64

Sharing

General

Target

59fc347dac3dd1c78d62393589818b5417ca041d697d155040988b14562bc797.exe
Size

117KB
Sample

240620-qcln4ayfnc
MD5

ccd0309499150e378a9fed4cd01a0935
SHA1

e8ae78cf81cc2f2e29558df03996bd8ee8880987
SHA256

59fc347dac3dd1c78d62393589818b5417ca041d697d155040988b14562bc797
SHA512

b1878fbc83a5b6ec5cc9d8be9dfef61ef096760d60428cd18972301fa0312c00d8ec24cd8ac89ec37705eb1f42dcf0b4ba00949b8ca9d04ce69179c520019f3e
SSDEEP

3072:5BK3BN5XEc5iEmeh15Akat6gD8YyMovAnIZrE:5Mj2u1EtEYyMov

Score

10^/10

gozi 4143 banker isfb trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

59fc347dac3dd1c78d62393589818b5417ca041d697d155040988b14562bc797.exe

Resource

win10-20240404-en

gozi 4143 banker isfb trojan

windows10-1703-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Botnet

4143

C2

settings-win.data.microsoft.com

link.paichecafe.com

Attributes

build
217111
dga_base_url
constitution.org/usdeclar.txt
dga_crc
0x4eb7d2ca
dga_season
10
dga_tlds
com
ru
org
exe_type
loader
server_id
12

rsa_pubkey.plain

serpent.plain

Targets

- Target
  
  59fc347dac3dd1c78d62393589818b5417ca041d697d155040988b14562bc797.exe
- Size
  
  117KB
- MD5
  
  ccd0309499150e378a9fed4cd01a0935
- SHA1
  
  e8ae78cf81cc2f2e29558df03996bd8ee8880987
- SHA256
  
  59fc347dac3dd1c78d62393589818b5417ca041d697d155040988b14562bc797
- SHA512
  
  b1878fbc83a5b6ec5cc9d8be9dfef61ef096760d60428cd18972301fa0312c00d8ec24cd8ac89ec37705eb1f42dcf0b4ba00949b8ca9d04ce69179c520019f3e
- SSDEEP
  
  3072:5BK3BN5XEc5iEmeh15Akat6gD8YyMovAnIZrE:5Mj2u1EtEYyMov
Score

10^/10

gozi 4143 banker isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

gozi4143bankerisfbtrojan

© 2018-2024

Terms | Privacy