General
-
Target
83fc89db5db829fa4dcf41e453c0b42066e5d50eb7468c425c421764487df1d5
-
Size
3.4MB
-
Sample
240223-yewk3sfg44
-
MD5
31b4e07cdff57edbb77803fc460ab8c7
-
SHA1
91674dd50a9574efe9f2244bb8c767662701e51e
-
SHA256
83fc89db5db829fa4dcf41e453c0b42066e5d50eb7468c425c421764487df1d5
-
SHA512
ff7ea40fbf88066e256e42cb0dec1e187c61ffcb98d94532116f1b7890a499f5db5448603bb179b1346707b2c72c77fe15c48ddf07220e53d9e492814ff3b9e8
-
SSDEEP
49152:vEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gW9:vEjlmQbfgSgwvSnN4iVJuS0xJdzYUqg
Malware Config
Extracted
gozi
Targets
-
-
Target
83fc89db5db829fa4dcf41e453c0b42066e5d50eb7468c425c421764487df1d5
-
Size
3.4MB
-
MD5
31b4e07cdff57edbb77803fc460ab8c7
-
SHA1
91674dd50a9574efe9f2244bb8c767662701e51e
-
SHA256
83fc89db5db829fa4dcf41e453c0b42066e5d50eb7468c425c421764487df1d5
-
SHA512
ff7ea40fbf88066e256e42cb0dec1e187c61ffcb98d94532116f1b7890a499f5db5448603bb179b1346707b2c72c77fe15c48ddf07220e53d9e492814ff3b9e8
-
SSDEEP
49152:vEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gW9:vEjlmQbfgSgwvSnN4iVJuS0xJdzYUqg
Score7/10-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-