General
Target: cd8393350f7cfc0762e09ee3b0a98002a1b9abf362caf5f210e717e1d4ebe53a.msi
Size: 5.8MB
Sample: 230526-ll2pfseg92
MD5: 82ff84cb9924f0855a894e75b5d3edb2
SHA1: df89381239f8a8ececeb697a6a35a573203bac09
SHA256: cd8393350f7cfc0762e09ee3b0a98002a1b9abf362caf5f210e717e1d4ebe53a
SHA512: 416db643cbfda60b26bb3eac8b6a94b148b506bc016d562bc51e085f765400c56412462b42e2e29dcc44fa621349781c1c225081804c528a0a7fd1822663597b
SSDEEP: 98304:ajJzMUpQ/2zKN5DmsQPKEvia5Zld9l4jH43ZnzgB1wLhQNHFRaFUDAQQHk8iQdvk:M5NzKNgsKKE6UZD9l4IZnzgLwLhQNHFd
Static task: static1
Behavioral task: behavioral1
Sample: cd8393350f7cfc0762e09ee3b0a98002a1b9abf362caf5f210e717e1d4ebe53a.msi
Resource: win7-20230220-en
Malware Config
Extracted
gozi
1000
https://sumarno.top
host_keep_time: 2
host_shift_time: 1
idle_time: 1
request_time: 10
Targets
Target: cd8393350f7cfc0762e09ee3b0a98002a1b9abf362caf5f210e717e1d4ebe53a.msi
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.