Analysis
max time kernel: 4294182s
max time network: 136s
platform: windows7_x64
resource: win7-20220310-en
submitted: 21/03/2022, 13:13
Behavioral task: behavioral1
Sample: gozi.dll
Resource: win7-20220310-en
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: gozi.dll
Resource: win10v2004-en-20220113
0 signatures
0 seconds
General
Target: gozi.dll
Size: 43KB
MD5: e7f49957d916e15bf8449f566e9eda8c
SHA1: 391c87ab0dbcc802a8f8d727380caa4c8e9bc781
SHA256: cba3ec7d0bc169ca0ce4a53d8d2ee753354991867fc0264a93639300e4f6f333
SHA512: 51980f17730a8e90ec06ae7e14beaa9fb2a5d71230239c869fc5bea13fbfd350e24ad39cf36ed5e783b31d75ca5f095f14f07eaa410e886ad3197022fbef4d75
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description                      pid   Process        procid_target
PID 972 wrote to memory of 856   972   rundll32.exe   27
PID 972 wrote to memory of 856   972   rundll32.exe   27
PID 972 wrote to memory of 856   972   rundll32.exe   27
PID 972 wrote to memory of 856   972   rundll32.exe   27
PID 972 wrote to memory of 856   972   rundll32.exe   27
PID 972 wrote to memory of 856   972   rundll32.exe   27
PID 972 wrote to memory of 856   972   rundll32.exe   27