Analysis
max time kernel: 91s
max time network: 136s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 14/06/2022, 08:47
Behavioral task: behavioral1
Sample: gozi.dll
Resource: win7-20220414-en
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: gozi.dll
Resource: win10v2004-20220414-en
0 signatures
0 seconds
General
Target: gozi.dll
Size: 43KB
MD5: 00c5cefd7b8d986960d52fb37aad1f38
SHA1: fabf6f9f6890f94725c9556b671f62816b657b35
SHA256: 9fe764ec2cf232b5cf3afbdac83da4846ab4a7e11e5fda936097eec79bffa72b
SHA512: fc2813aa5193c9e5f9bcba29d1d3bcd7b24bf1bdfae75b18c371f3689548bdc50c7ca57fb6c3e36361083a8551a4c91789ca1f6d11b6531e3191216265cff05f
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
description | pid | Process | procid_target
PID 4644 wrote to memory of 4236 | 4644 | rundll32.exe | 79
PID 4644 wrote to memory of 4236 | 4644 | rundll32.exe | 79
PID 4644 wrote to memory of 4236 | 4644 | rundll32.exe | 79