Malware Analysis – gozi – cafb427e5aaf01dc82002021fa1c5211

November 26, 2022

Malware Analysis

Score: 10

  • MALWARE FAMILY: gozi
  • TAGS:family:gozi, botnet:1012, banker, isfb, persistence, ransomware, trojan
  • MD5: cafb427e5aaf01dc82002021fa1c5211
  • SHA1: 5936a585083d8d8955b70fdf0153071de2360af3
  • ANALYSIS DATE: 2022-11-26T00:18:09Z
  • TTPS: T1082, T1158, T1060, T1112, T1491

ScoreMeaningExample
10Known badA malware family was detected.
8-9Likely maliciousOne or more known damaging malware attack patterns were detected.

Examples:
The deleting of shadow copies on Windows.
6-7Shows suspicious behaviourOne or more suspicious actions were detected. The detected actions can be malicious but also have (common) benign uses.

Examples:
Changing file permissions.
Anti-VM behaviour/trying to detect a VM.
2-5Likely benignOne or more interesting behaviours were detected. The detected actions are interesting enough to be notified about but are not directly malicious.
1No (potentially) malicious behaviour was detected.N/A

You may have missed

CISA Logo

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

October 31, 2024
CISA Logo

CISA: Avoid Scams After Disaster Strikes

October 31, 2024
CISA Logo

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

October 31, 2024
CISA Logo

CISA: CISA Releases Three Industrial Control Systems Advisories

October 31, 2024
CISA Logo

CISA: Adobe Releases Security Updates for Multiple Products

October 31, 2024