GozNym Banking Malware: Gang Busted, Is that the End?

GozNym is a hybrid creation specifically coded to, among other things, avoid detection by legacy AV solutions. The gang had combined the Nymaim malware, a first stage loader with persistence capabilities, with a second-stage infection containing a version of the Gozi ISFB banking trojan, hence the name GozNym. Read More: https://www.sentinelone.com/blog/goznym-banking-malware-gang-busted/
Nymaim has been around for several years but is notable for its ability to avoid security solutions. As previous researchers have revealed, Nymaim checks for running processes that belong to certain AV vendor products.