gozi | 201b496f3bf0fe6d4108ac399e0b3fa6b22fd5e93daf902f6be3053acf7087ea | Triage

Submit
Reports

Overview

overview

Static

static

7

02405e98f5...18.exe

windows7-x64

7

02405e98f5...18.exe

windows10-2004-x64

Sharing

General

Target

02405e98f541389089d685560486b45c_JaffaCakes118
Size

72KB
Sample

240622-p9y51syglf
MD5

02405e98f541389089d685560486b45c
SHA1

52eb07b681a68ad18487e796cb3eee11c432dc01
SHA256

201b496f3bf0fe6d4108ac399e0b3fa6b22fd5e93daf902f6be3053acf7087ea
SHA512

3e85b33224c3bddbbd74eb8ed43efe537dc0c07dbe1101f985e4c7d33f8feab81d5fbf495bab8152b6b9a9bd7bd196263f12548d4a99e89c8562dcdec8eebed0
SSDEEP

1536:tff0Ktwrr9jeubPb9YORpzYG5fK0s6reTV4PbO+sjb95drvFvmndpg:tfc5nVeubPb9Y05fhZe1BZM

Score

10^/10

gozi aspackv2 banker isfb trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

02405e98f541389089d685560486b45c_JaffaCakes118.exe

Resource

win7-20240611-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

02405e98f541389089d685560486b45c_JaffaCakes118.exe

Resource

win10v2004-20240508-en

gozi banker isfb trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  02405e98f541389089d685560486b45c_JaffaCakes118
- Size
  
  72KB
- MD5
  
  02405e98f541389089d685560486b45c
- SHA1
  
  52eb07b681a68ad18487e796cb3eee11c432dc01
- SHA256
  
  201b496f3bf0fe6d4108ac399e0b3fa6b22fd5e93daf902f6be3053acf7087ea
- SHA512
  
  3e85b33224c3bddbbd74eb8ed43efe537dc0c07dbe1101f985e4c7d33f8feab81d5fbf495bab8152b6b9a9bd7bd196263f12548d4a99e89c8562dcdec8eebed0
- SSDEEP
  
  1536:tff0Ktwrr9jeubPb9YORpzYG5fK0s6reTV4PbO+sjb95drvFvmndpg:tfc5nVeubPb9Y05fhZe1BZM
Score

10^/10

gozi banker isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

gozibankerisfbtrojan

© 2018-2024

Terms | Privacy