25bdab9cf1c2dbb6e96e1b0797a4facaa0c3469164f1653328e4357fb421e061 | Triage

Submit
Reports

Overview

overview

Static

static

25bdab9cf1...61.exe

windows7-x64

25bdab9cf1...61.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

25bdab9cf1c2dbb6e96e1b0797a4facaa0c3469164f1653328e4357fb421e061.exe

Resource

win7-20220901-en

gozi_ifsb 2002 banker trojan

windows7-x64

2 signatures

600 seconds

Behavioral task

behavioral2

Sample

25bdab9cf1c2dbb6e96e1b0797a4facaa0c3469164f1653328e4357fb421e061.exe

Resource

win10v2004-20220812-en

gozi_ifsb 2002 banker trojan

windows10-2004-x64

2 signatures

600 seconds

General

Target

25bdab9cf1c2dbb6e96e1b0797a4facaa0c3469164f1653328e4357fb421e061
Size

676KB
MD5

644c7a78a572d45d8af45d94e6a57e40
SHA1

0b3e29129dc20a87a166ade006bf8f1cbd9b8300
SHA256

25bdab9cf1c2dbb6e96e1b0797a4facaa0c3469164f1653328e4357fb421e061
SHA512

7dfbe61d11077a254d13d869b888c22d2e02b82c6ae8d75f04f7683d5eca7aecc8e00de740e094f197ae2f1ebd6319c3c162dc1e1e9c20ec36f7a2bddab3ce33
SSDEEP

12288:Zv75bu3S23LN8wa7yelFRNuQ7TdC1ryYrKTP5uSZPnMll:J75E732wujXbzFZil

Score

N/A

Malware Config

Signatures

Files

25bdab9cf1c2dbb6e96e1b0797a4facaa0c3469164f1653328e4357fb421e061
.exe windows x86

f81803408ac12648de0b07e5dfdb1a69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
HeapDestroy
GetModuleFileNameA
WaitForSingleObject
DeleteCriticalSection
LCMapStringW
ResetEvent
HeapReAlloc
EnterCriticalSection
InterlockedExchangeAdd
LeaveCriticalSection
LoadLibraryA
GetProcAddress
GetEnvironmentStrings
VirtualAlloc
GetVersionExA
GetCurrentThread
HeapAlloc
GetModuleHandleW
GetStartupInfoW

advapi32

CryptHashData
RegEnumValueA
CryptReleaseContext
RegEnumKeyExA
RegQueryValueExA
RegQueryValueExW

shlwapi

SHCopyKeyW

msvcrt

__CxxFrameHandler
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit

Sections

.text
Size: 664KB - Virtual size: 660KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy