General
-
Target
f914b13bf8598d479fc3182a51060619a5e3c01be3c485e4b25e3fe21474476b
-
Size
3.6MB
-
Sample
230902-xb62zafb52
-
MD5
9fd1e609a7ff4afd2814e8d5f60214ce
-
SHA1
ba2d51541ea232c23c6806ff6668525ca845b64e
-
SHA256
f914b13bf8598d479fc3182a51060619a5e3c01be3c485e4b25e3fe21474476b
-
SHA512
979b236e1df1b8fd208b1221ce25d25b16adb82ed8e20764d56400d9617b9f1cf030ca8411a6c18f016077cdf56334288646f5af925c17e58edc2e4b939638f0
-
SSDEEP
49152:lEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWm:lEjlmQbfgSgwvSnN4iVJuV0xNx+/UPq2
Malware Config
Extracted
gozi
Targets
-
-
Target
f914b13bf8598d479fc3182a51060619a5e3c01be3c485e4b25e3fe21474476b
-
Size
3.6MB
-
MD5
9fd1e609a7ff4afd2814e8d5f60214ce
-
SHA1
ba2d51541ea232c23c6806ff6668525ca845b64e
-
SHA256
f914b13bf8598d479fc3182a51060619a5e3c01be3c485e4b25e3fe21474476b
-
SHA512
979b236e1df1b8fd208b1221ce25d25b16adb82ed8e20764d56400d9617b9f1cf030ca8411a6c18f016077cdf56334288646f5af925c17e58edc2e4b939638f0
-
SSDEEP
49152:lEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWm:lEjlmQbfgSgwvSnN4iVJuV0xNx+/UPq2
Score7/10-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-