Overview

overview

10

Static

static

436.exe

windows7_x64

10

436.exe

windows10_x64

10

Analysis

  • max time kernel
    14s
  • max time network
    112s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    12-07-2021 11:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    436.exe

  • Size

    177KB

  • MD5

    436e58129cb75672cbf4ef00ad4a2975

  • SHA1

    1b96da3482ef6a1d9f0b67d7b0e58904aa3f86b2

  • SHA256

    461f8dba6d54344d8f3414d0a2ee03bf12efbf8538d7e781e7c76860d0af52cd

  • SHA512

    b77712dbbaba7383ec57d975b7dd8662da2b2242811f29beedca9ed5c70a3314621acb998599bdacf42fe8fc3472e499ec3654baf0a3b1a39220f998b9b38462

Score
10/10
gozi_rm3bankertrojan

Malware Config

Extracted

Family

gozi_rm3

rsa_pubkey.base64

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\436.exe
    "C:\Users\Admin\AppData\Local\Temp\436.exe"
    1⤵
      PID:804

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/804-114-0x00000000001C0000-0x00000000001CA000-memory.dmp
      Filesize

      40KB

      Download
    • memory/804-118-0x0000000001000000-0x00000000037EE000-memory.dmp
      Filesize

      39.9MB

      Download
    • memory/804-117-0x0000000000030000-0x0000000000037000-memory.dmp
      Filesize

      28KB

      Download