Analysis
max time kernel: 135s
max time network: 155s
platform: windows10-2004_x64
resource: win10v2004-en-20220113
submitted: 21/03/2022, 13:13
Behavioral task: behavioral1
Sample: gozi.dll
Resource: win7-20220310-en
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: gozi.dll
Resource: win10v2004-en-20220113
0 signatures
0 seconds
General
Target: gozi.dll
Size: 43KB
MD5: e7f49957d916e15bf8449f566e9eda8c
SHA1: 391c87ab0dbcc802a8f8d727380caa4c8e9bc781
SHA256: cba3ec7d0bc169ca0ce4a53d8d2ee753354991867fc0264a93639300e4f6f333
SHA512: 51980f17730a8e90ec06ae7e14beaa9fb2a5d71230239c869fc5bea13fbfd350e24ad39cf36ed5e783b31d75ca5f095f14f07eaa410e886ad3197022fbef4d75
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
description                        pid   Process       procid_target
PID 3304 wrote to memory of 384    3304  rundll32.exe  78
PID 3304 wrote to memory of 384    3304  rundll32.exe  78
PID 3304 wrote to memory of 384    3304  rundll32.exe  78