Analysis
max time kernel: 4294180s
max time network: 122s
platform: windows7_x64
resource: win7-20220311-en
submitted: 21/03/2022, 13:34
Behavioral task: behavioral1
Sample: gozi.dll
Resource: win7-20220311-en
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: gozi.dll
Resource: win10v2004-en-20220113
0 signatures
0 seconds
General
Target: gozi.dll
Size: 43KB
MD5: 21e836bd521081f8b97c3e5a31822afe
SHA1: fec35c2a1f2d362356573b25f0dd4a50c7be842e
SHA256: e6f3b5857a2da506a0f5470400655fc4011600ae4253bba3dae85f7e6a9be6c2
SHA512: c27856e4c417ff414c9365d68276a6678449886ac95bb99051fe61024fe2493c01cdd40789e89a0d047d18419db6fcd8085b7876cff3dbc8cd54f4623a6b3977
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
description                      pid  Process       procid_target
PID 792 wrote to memory of 1772  792  rundll32.exe  27
PID 792 wrote to memory of 1772  792  rundll32.exe  27
PID 792 wrote to memory of 1772  792  rundll32.exe  27
PID 792 wrote to memory of 1772  792  rundll32.exe  27
PID 792 wrote to memory of 1772  792  rundll32.exe  27
PID 792 wrote to memory of 1772  792  rundll32.exe  27
PID 792 wrote to memory of 1772  792  rundll32.exe  27