General
-
Target
a.msi
-
Size
1.8MB
-
Sample
230518-rtj29scd96
-
MD5
7fc18c44f481a5941e2d068a2cdebe0e
-
SHA1
11b7d2d7451c80621f657662eb738966e2026098
-
SHA256
c9b591e9a5ccf5416b94aa3b4fac9bece16fb836d1ae4161dcdae295259e01aa
-
SHA512
798a262fc73b74ddf19a5d6510aa692c3c083d212e473c3b41148e2261064fafd2e74cb92001bf55e92c15141bda85ead5d79e9f93ddd16738dd073bc3eb37d7
-
SSDEEP
49152:vpyP2OmJH6g7sJzM+C5JCNS5WPvwaq7m6x:6jJzMUpc
Static task
static1
Behavioral task
behavioral1
Sample
a.msi
Resource
win7-20230220-en
Malware Config
Extracted
gozi
1000
https://bastarka.top
-
host_keep_time
2
-
host_shift_time
1
-
idle_time
1
-
request_time
10
Targets
-
-
Target
a.msi
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-