Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20230831-en -
resource tags
-
submitted
10-10-2023 11:23
General
-
Target
gozi.dll
-
Size
44KB
-
MD5
8b61f8e62b18781430b85d62c4d705b7
-
SHA1
1f5a45bf2905ee0d10607a6cf59a98168a995a2a
-
SHA256
580a6bccc51030cef877b8ac00ef6f9be7369a01bca7698c29c5cd1abe3f1990
-
SHA512
650f13ae83009b586f66d1009784006260368dde1ca50377aa7175d1162b45dc18fb66cbabf7848c735029b27a71e70aebc37f7c551ddd58540d1a34f41501b6
-
SSDEEP
768:TX/rx/qCa8OmwxfhqwSJ9z7XdjP0lBdCEtDsh4eLiTL7gpP1ZXOTy:Tvrx/qp8OmwxfhyVxQlBdvW4eLOL7eX7
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\gozi.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\gozi.dll,#12⤵