Analysis
max time kernel: 44s
max time network: 48s
platform: windows7_x64
resource: win7-20220715-en
resource tags: arch:x64, arch:x86, image:win7-20220715-en, locale:en-us, os:windows7-x64, system
submitted: 03-08-2022 09:37
Behavioral task: behavioral1
Sample: gozi.dll
Resource: win7-20220715-en
1 signatures
150 seconds
Behavioral task: behavioral2
Sample: gozi.dll
Resource: win10v2004-20220721-en
1 signatures
150 seconds
General
Target: gozi.dll
Size: 43KB
MD5: 3a8f2a2d40f118146d8d3f2f42315739
SHA1: 3b4ef4c3a1a3c6d6aa0ab9006952b5bb8fa73749
SHA256: ae9f0663e71d68075993bb8b1576bdc7b7497782ec34741b150c8937f00cc3f4
SHA512: df85bf5f327d0bae6e061c7c6182e99170d66107066256928b4dd4b7af1fcb02fa96b4f43bbca0e97654db11d1bce2b7b468601b4190288a36efcaf013e5f27d
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description                        pid   process       target process
PID 1972 wrote to memory of 1876   1972  rundll32.exe  rundll32.exe
PID 1972 wrote to memory of 1876   1972  rundll32.exe  rundll32.exe
PID 1972 wrote to memory of 1876   1972  rundll32.exe  rundll32.exe
PID 1972 wrote to memory of 1876   1972  rundll32.exe  rundll32.exe
PID 1972 wrote to memory of 1876   1972  rundll32.exe  rundll32.exe
PID 1972 wrote to memory of 1876   1972  rundll32.exe  rundll32.exe
PID 1972 wrote to memory of 1876   1972  rundll32.exe  rundll32.exe