Analysis Overview
SHA256
5efb3445d26e84177a70f2509fd8b10bec30d978d5a55c6e351f0be855570736
Threat Level: Known bad
The file 5efb3445d26e84177a70f2509fd8b10bec30d978d5a55c6e351f0be855570736 was found to be: Known bad.
Malicious Activity Summary
Gozi, Gozi IFSB
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2022-07-31 18:38
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2022-07-31 18:38
Reported
2022-07-31 19:24
Platform
win7-20220715-en
Max time kernel
119s
Max time network
44s
Command Line
Signatures
Gozi, Gozi IFSB
Processes
C:\Users\Admin\AppData\Local\Temp\5efb3445d26e84177a70f2509fd8b10bec30d978d5a55c6e351f0be855570736.exe
"C:\Users\Admin\AppData\Local\Temp\5efb3445d26e84177a70f2509fd8b10bec30d978d5a55c6e351f0be855570736.exe"
Network
Files
memory/1520-55-0x0000000000CC0000-0x0000000000D13000-memory.dmp
memory/1520-54-0x0000000000CC0000-0x0000000000CCF000-memory.dmp
memory/1520-56-0x0000000000270000-0x000000000028B000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2022-07-31 18:38
Reported
2022-07-31 19:23
Platform
win10v2004-20220721-en
Max time kernel
27s
Max time network
67s
Command Line
Signatures
Gozi, Gozi IFSB
Processes
C:\Users\Admin\AppData\Local\Temp\5efb3445d26e84177a70f2509fd8b10bec30d978d5a55c6e351f0be855570736.exe
"C:\Users\Admin\AppData\Local\Temp\5efb3445d26e84177a70f2509fd8b10bec30d978d5a55c6e351f0be855570736.exe"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | 226.101.242.52.in-addr.arpa | udp |
Files
memory/4616-131-0x00000000009C0000-0x0000000000A13000-memory.dmp
memory/4616-130-0x00000000009C0000-0x00000000009CF000-memory.dmp
memory/4616-132-0x0000000002A80000-0x0000000002A9B000-memory.dmp