Analysis
max time kernel: 61s
max time network: 140s
platform: windows10-2004_x64
resource: win10v2004-en-20220113
submitted: 21/03/2022, 13:27
Behavioral task: behavioral1
Sample: gozi.dll
Resource: win7-20220310-en
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: gozi.dll
Resource: win10v2004-en-20220113
0 signatures
0 seconds
General
Target: gozi.dll
Size: 43KB
MD5: f4e5adbe5b68993a0c25fc09ea17426c
SHA1: 70714b4884a03364cfe4a336161148dbafb70827
SHA256: f55d54a8bddce8014ce5548603a30e9a48f29d3a4741d8b35f1349ac24570fcf
SHA512: 6d2ea4d6ecf2282260b8f5f27dbad5a1e2f1ad6fc128a81755d6a5cf2d9e259722fadb7b9bc693bf35ea33a4f5ecd577dd955e97e2ee2a06dbae9a764a879778
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 1500 wrote to memory of 1516 | 1500 | rundll32.exe | 77
PID 1500 wrote to memory of 1516 | 1500 | rundll32.exe | 77
PID 1500 wrote to memory of 1516 | 1500 | rundll32.exe | 77