Analysis

  • max time kernel
    126s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-en-20220113
  • submitted
    21/03/2022, 13:20

General

  • Target

    gozi.dll

  • Size

    43KB

  • MD5

    8855af0d607d754597c6ba1b0cc3708a

  • SHA1

    65dbed522297ac8a50d4393538eea3c51fd7141a

  • SHA256

    5da0e0f959a76824ae3c1bb5bdc8bf71c9e5d0fc389f0dc1b9f03cd0bfedca83

  • SHA512

    56a8f82013377b500863c14bfadcc052027a752f60fd00499559990d83f76a1c1b34e141cd648bef7e0642a87dd7e75e025b933bc4d40e4c4fbfff18152e46de

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\gozi.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3096
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\gozi.dll,#1
      2⤵
        PID:3404

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads