Analysis
max time kernel: 4294179s
max time network: 121s
platform: windows7_x64
resource: win7-20220311-en
submitted: 23/03/2022, 02:24
Behavioral task: behavioral1
Sample: gozi.dll
Resource: win7-20220311-en
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: gozi.dll
Resource: win10v2004-20220310-en
0 signatures
0 seconds
General
Target: gozi.dll
Size: 43KB
MD5: 3cc9a5a6ebb76427c9dd0b84dd7788c5
SHA1: 4c92cc45117c1c0a869de228b486ba0d1d3076f3
SHA256: 695db7129895c6845ae5a49b6d5754654a21921008213b7ce83dc57b65fc8daf
SHA512: 03bb93b0c2b10614629f94bf7a64795235886a5c9bcca182bfac1a16c88e9998782f89af18c9d043c963e574f98b09423536833c25e700a2f501ebe36e07fd84
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description | pid | Process | procid_target
PID 1924 wrote to memory of 1100 | 1924 | rundll32.exe | 27
PID 1924 wrote to memory of 1100 | 1924 | rundll32.exe | 27
PID 1924 wrote to memory of 1100 | 1924 | rundll32.exe | 27
PID 1924 wrote to memory of 1100 | 1924 | rundll32.exe | 27
PID 1924 wrote to memory of 1100 | 1924 | rundll32.exe | 27
PID 1924 wrote to memory of 1100 | 1924 | rundll32.exe | 27
PID 1924 wrote to memory of 1100 | 1924 | rundll32.exe | 27