gozi_rm3 | a2dc4d9a7b686612cdbe2bd80c1855360ac160b1321aa4a5e305525311fd9118 | Triage

Submit
Reports

Overview

overview

Static

static

a2dc4d9a7b...18.exe

windows7_x64

1

a2dc4d9a7b...18.exe

windows10-2004_x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a2dc4d9a7b686612cdbe2bd80c1855360ac160b1321aa4a5e305525311fd9118.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

a2dc4d9a7b686612cdbe2bd80c1855360ac160b1321aa4a5e305525311fd9118.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

General

Target

a2dc4d9a7b686612cdbe2bd80c1855360ac160b1321aa4a5e305525311fd9118
Size

52KB
MD5

2d7fa5c028c4c043797410afa65d39d1
SHA1

5332440b06117c2d308bed01e15da0396d5f8167
SHA256

a2dc4d9a7b686612cdbe2bd80c1855360ac160b1321aa4a5e305525311fd9118
SHA512

9981aebb3f6abfc100a0f6fa498ca6f6e801b3e77c9d3694007b3eadc55fdfdb9d1f613a7e2019041f42fa230484291b0a632a686d7a4c1c6a3e9155d6d14702
SSDEEP

1536:pHmN8dMJPt0Jwu7GI8KHzuZ19E1P/BEZkcnPd:xe869KwvsuZXenUkE

Score

10^/10

gozi_rm3

Malware Config

Extracted

Family

gozi_rm3

Attributes

build
300904

Signatures

Gozi_rm3 family
gozi_rm3

Files

a2dc4d9a7b686612cdbe2bd80c1855360ac160b1321aa4a5e305525311fd9118
.exe windows x86

76782c4ef82c16a64a1726ab56e5524c

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetCurrentThread
WaitForSingleObject
GetModuleHandleA
ExitProcess
CreateEventA
GetLastError
CloseHandle
lstrlenA
HeapAlloc
HeapFree
lstrlenW
VirtualProtect
VirtualFree
VirtualAlloc
GetModuleHandleW
GetSystemTimeAsFileTime
LoadLibraryW
GetProcAddress

ntdll

memset
memcpy
RtlUnwind
NtQueryVirtualMemory

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy