Analysis
-
max time kernel
411s -
max time network
414s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
-
submitted
27-10-2022 04:16
General
-
Target
53f7d917ad9ebf5b7d2ccc1a835083bc0c0b92cc69ee584703ea6e4345f5c457_unpacked_x64.dll
-
Size
425KB
-
MD5
66ee921fdc602765a15fcd3589e1947d
-
SHA1
2cfe29609017b8b0b52e75f06219bac0221dbe5d
-
SHA256
f54b56916010c5563634bfcad6b9e3f9855e5fcd48d96c1872510ecd6dadf3a7
-
SHA512
d25d610f850f0e5ee77826dc2f876c21aeaf3ad0d4c5d406b6e130c7c442a07384223a3646ddf77dc52f8a8a7b3ef6f50902302c36bd98b3d3c9c8f82673a9ad
-
SSDEEP
6144:9I34yb5apnrPnPQgY1INa6shJYP62aHYoa4AhdNorGvHdbi09GJwhO:9IIyNIr0ml2JY/aHYo7AHhly
Score
10/10
Malware Config
Signatures
-
Gozi, Gozi IFSB
Gozi ISFB is a well-known and widely distributed banking trojan.
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\53f7d917ad9ebf5b7d2ccc1a835083bc0c0b92cc69ee584703ea6e4345f5c457_unpacked_x64.dll,#11⤵