Analysis
max time kernel: 4294178s
max time network: 121s
platform: windows7_x64
resource: win7-20220311-en
submitted: 21/03/2022, 13:20
Behavioral task: behavioral1
Sample: gozi.dll
Resource: win7-20220311-en
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: gozi.dll
Resource: win10v2004-en-20220113
0 signatures
0 seconds
General
Target: gozi.dll
Size: 43KB
MD5: 8855af0d607d754597c6ba1b0cc3708a
SHA1: 65dbed522297ac8a50d4393538eea3c51fd7141a
SHA256: 5da0e0f959a76824ae3c1bb5bdc8bf71c9e5d0fc389f0dc1b9f03cd0bfedca83
SHA512: 56a8f82013377b500863c14bfadcc052027a752f60fd00499559990d83f76a1c1b34e141cd648bef7e0642a87dd7e75e025b933bc4d40e4c4fbfff18152e46de
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description                        pid   Process        procid_target
PID 964 wrote to memory of 1040    964   rundll32.exe   27
PID 964 wrote to memory of 1040    964   rundll32.exe   27
PID 964 wrote to memory of 1040    964   rundll32.exe   27
PID 964 wrote to memory of 1040    964   rundll32.exe   27
PID 964 wrote to memory of 1040    964   rundll32.exe   27
PID 964 wrote to memory of 1040    964   rundll32.exe   27
PID 964 wrote to memory of 1040    964   rundll32.exe   27