General
-
Target
ff717e1878c20d1c2a920f80bac4bc7588f72c0b259bca3b4b212502e673b153
-
Size
3.5MB
-
Sample
240224-a2j9kadc25
-
MD5
07d25aeebb7fc869d5cd8419550e2073
-
SHA1
5289662d159711962da7452dc412f41f3df9b089
-
SHA256
ff717e1878c20d1c2a920f80bac4bc7588f72c0b259bca3b4b212502e673b153
-
SHA512
dd5c9fb578b943113799f7d82c801b160e4ca2070a95a856911669cf077234a1c97fb12c3300c60715c08116edf1663eccb9442516d9444bb1eff37706ecaaa6
-
SSDEEP
98304:AEjlmQbfgSgwvSnN4iVJur0xM/licQBqn:AEjgQPXq0/xQBqn
Behavioral task
behavioral1
Sample
ff717e1878c20d1c2a920f80bac4bc7588f72c0b259bca3b4b212502e673b153.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
ff717e1878c20d1c2a920f80bac4bc7588f72c0b259bca3b4b212502e673b153.exe
Resource
win10v2004-20240221-en
Malware Config
Extracted
gozi
Targets
Target
ff717e1878c20d1c2a920f80bac4bc7588f72c0b259bca3b4b212502e673b153
-
Score
7/10
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-