documents-998725151[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

1

documents7.exe

windows7-x64

documents7.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

documents7.exe

Resource

win7-20230220-en

gozi 20000 banker isfb trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

documents7.exe

Resource

win10v2004-20230220-en

gozi 20000 banker isfb trojan

windows10-2004-x64

17 signatures

150 seconds

General

Target

documents-998725151.zip
Size

411KB
MD5

44b4b391d4fafd15bf4f384abec244fa
SHA1

9c55a13226a3b898a594138fd63aba358ea41732
SHA256

beb762d325c6c8ae3cb3876c6491913a51a2a79f336bf0509641e1ad9bddbaec
SHA512

cb5ce375f69baae1fb1fa86dfd62b827746734c9bf9f19343ca85b01c1a009e34abbfb1394058ebc7e34d6ba0f3d75e87329e6dcf0f853c33aab1e3787f5732a
SSDEEP

12288:C2zKUlggYedmoWXlXIEUYm0G7TniW+rv042uxdi:C0ggVm9BBUhriB8Q2

Score

1^/10

Malware Config

Signatures

Files

documents-998725151.zip
.zip
documents7.exe
.exe windows x86

9f28e69fe4118a94dab47c1e46c94f4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateTimerQueue
HeapWalk
GetModuleFileNameW
GetCPInfoExW
TlsFree
OutputDebugStringA
GetBinaryTypeW
GetProcAddress
ReleaseSemaphore
GetModuleHandleA

msvcrt

memset

advapi32

EqualSid

user32

OpenClipboard

winmm

waveInGetID

gdi32

SaveDC

ws2_32

WSAGetLastError

rpcrt4

RpcImpersonateClient
I_RpcReceive

setupapi

SetupPromptForDiskA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 396KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy