gozi_rm3 | 2da16bcef7b5b0d117a7d425e437288349ecb58a2711ee2040138603812f4c7b | Triage

Submit
Reports

Overview

overview

Static

static

2da16bcef7...7b.exe

windows7_x64

3

2da16bcef7...7b.exe

windows10-2004_x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

2da16bcef7b5b0d117a7d425e437288349ecb58a2711ee2040138603812f4c7b.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2da16bcef7b5b0d117a7d425e437288349ecb58a2711ee2040138603812f4c7b.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

General

Target

2da16bcef7b5b0d117a7d425e437288349ecb58a2711ee2040138603812f4c7b
Size

60KB
MD5

fa0f09612b945414fde0148658102467
SHA1

12a87c7d6bfaa3cb30d618e8909770d120c483ac
SHA256

2da16bcef7b5b0d117a7d425e437288349ecb58a2711ee2040138603812f4c7b
SHA512

19bd090f4b5382c124d058d24ab8a15e809229aab243d785617e68afba026dbfc2968a03d82d7fa61d02cb51bdb4721966c63f9d05bbc8c7eb46f6fe9c67318e
SSDEEP

768:x5jP8F1Dzv+Ng7abBP2rJkjvmqo0e8uFLJuYzz0ok6yzMkAJ+lE:nT8F1v+6abBP29uebEAZzgbpk

Score

10^/10

gozi_rm3

Malware Config

Signatures

Gozi_rm3 family
gozi_rm3

Files

2da16bcef7b5b0d117a7d425e437288349ecb58a2711ee2040138603812f4c7b
.exe windows x86

65b3a22f64f6eef4ffe64e533ef3f2cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetProcessHeap
GetLastError
GetModuleHandleA
GetTickCount
VirtualProtect
VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryA
lstrlenW
lstrlenA
HeapAlloc
HeapFree
WaitForSingleObject
CloseHandle
CreateEventA

ntdll

memcpy
memset
RtlUnwind
NtQueryVirtualMemory

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy