General
-
Target
ca74c639c67fc1302b5897a17f45dd5d555e9aaa23f525d0550242119ffe8b3d
-
Size
3.4MB
-
Sample
240224-a2mdxsea2y
-
MD5
0e94872cb22b6f84c135a588f5b92886
-
SHA1
00528e52e1e22929e2369695aad3f9d093893eb7
-
SHA256
ca74c639c67fc1302b5897a17f45dd5d555e9aaa23f525d0550242119ffe8b3d
-
SHA512
58a88589ce6c60b24e240c8a14bdcc69ec034efc5299b0f1ebf78a3b4cea7add88086185d210807b21d887e4eca4bcbe0d1d6e642f83bf183aace1886d8ed517
-
SSDEEP
49152:1EjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWm:1EjlmQbfgSgwvSnN4iVJuS0xJdzYUqP
Behavioral task
behavioral1
Sample
ca74c639c67fc1302b5897a17f45dd5d555e9aaa23f525d0550242119ffe8b3d.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ca74c639c67fc1302b5897a17f45dd5d555e9aaa23f525d0550242119ffe8b3d.exe
Resource
win10v2004-20240221-en
Malware Config
Extracted
gozi
Targets
-
Target
ca74c639c67fc1302b5897a17f45dd5d555e9aaa23f525d0550242119ffe8b3d
-
Score
7/10
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-