gozi | 1a72509f6ac1011ab99029bba10817729ccf7c3da9fccd46afd63f5fb29669b3 | Triage

Submit
Reports

Overview

overview

Static

static

3

06c80a8522...18.exe

windows7-x64

06c80a8522...18.exe

windows10-2004-x64

Sharing

General

Target

06c80a85229598c5cbcb2c50c9aa144d_JaffaCakes118
Size

382KB
Sample

240623-syk1sszdnl
MD5

06c80a85229598c5cbcb2c50c9aa144d
SHA1

563e16ae776bb7f03c6f23cea553c028065260f2
SHA256

1a72509f6ac1011ab99029bba10817729ccf7c3da9fccd46afd63f5fb29669b3
SHA512

b841e58cdfb7a5c46058a94224ea0097d4bc6d5c1d043b4cf5481099f9090be3af20e5622b53663649405aeb0bae1ba080dd9108d9512eb264c071bc274619cf
SSDEEP

6144:OmCmdDTFbsxHGu0y6DPDRHGsqyMyLuo0OBdKvstJMeycrjbXY6dFDbV4DTvSoAXP:BdFYmeqPtmsB6odB4E69crnf2vSoA4ZQ

Score

10^/10

gozi banker isfb trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

06c80a85229598c5cbcb2c50c9aa144d_JaffaCakes118.exe

Resource

win7-20240419-en

gozi banker isfb trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

06c80a85229598c5cbcb2c50c9aa144d_JaffaCakes118.exe

Resource

win10v2004-20240508-en

gozi banker isfb trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  06c80a85229598c5cbcb2c50c9aa144d_JaffaCakes118
- Size
  
  382KB
- MD5
  
  06c80a85229598c5cbcb2c50c9aa144d
- SHA1
  
  563e16ae776bb7f03c6f23cea553c028065260f2
- SHA256
  
  1a72509f6ac1011ab99029bba10817729ccf7c3da9fccd46afd63f5fb29669b3
- SHA512
  
  b841e58cdfb7a5c46058a94224ea0097d4bc6d5c1d043b4cf5481099f9090be3af20e5622b53663649405aeb0bae1ba080dd9108d9512eb264c071bc274619cf
- SSDEEP
  
  6144:OmCmdDTFbsxHGu0y6DPDRHGsqyMyLuo0OBdKvstJMeycrjbXY6dFDbV4DTvSoAXP:BdFYmeqPtmsB6odB4E69crnf2vSoA4ZQ
Score

10^/10

gozi banker isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozibankerisfbtrojan

behavioral2

gozibankerisfbtrojan

© 2018-2024

Terms | Privacy