General
-
Target
7fc18c44f481a5941e2d068a2cdebe0e.bin
-
Size
998KB
-
Sample
230520-btawlacc3w
-
MD5
130220c4b805f39d71b89215b0ceb49d
-
SHA1
8ba57a4a520bb9c2d7a98a14048bfcb1f795b447
-
SHA256
bc2d94e41e50847f7503463e3e6a57497412d9f7a91a227f8906675ddfe0ef23
-
SHA512
a2a2d0c955414ef6c520a6134a15129764ed01d273fc6c5090624de6fb7dbcffc4d8bffb29af2640688e579b092c5e53e0dbcd60e1890ee2df8945cf60b96212
-
SSDEEP
24576:RfR9vfY1yOkz7S6+23BRWWfcpyWYVtixC8wsmeGB:RfRVIi7ZRWWfcFYVow8wjdB
Static task
static1
Behavioral task
behavioral1
Sample
c9b591e9a5ccf5416b94aa3b4fac9bece16fb836d1ae4161dcdae295259e01aa.msi
Resource
win7-20230220-en
Malware Config
Extracted
gozi
1000
https://bastarka.top
- host_keep_time: 2
- host_shift_time: 1
- idle_time: 1
- request_time: 10
Targets
-
Target
c9b591e9a5ccf5416b94aa3b4fac9bece16fb836d1ae4161dcdae295259e01aa.msi
-
Size
1.8MB
-
MD5
7fc18c44f481a5941e2d068a2cdebe0e
-
SHA1
11b7d2d7451c80621f657662eb738966e2026098
-
SHA256
c9b591e9a5ccf5416b94aa3b4fac9bece16fb836d1ae4161dcdae295259e01aa
-
SHA512
798a262fc73b74ddf19a5d6510aa692c3c083d212e473c3b41148e2261064fafd2e74cb92001bf55e92c15141bda85ead5d79e9f93ddd16738dd073bc3eb37d7
-
SSDEEP
49152:vpyP2OmJH6g7sJzM+C5JCNS5WPvwaq7m6x:6jJzMUpc
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
-