General
-
Target
f2e7605bdad56068e1bbcd3546caa40b0e8b52879f348e1f8d562187aca656ce
-
Size
3.4MB
-
Sample
240224-a3p67sdc48
-
MD5
359212b7d9d80cb27b76185ce987de38
-
SHA1
9235079786156301d07b15ff4a55555e073fa07a
-
SHA256
f2e7605bdad56068e1bbcd3546caa40b0e8b52879f348e1f8d562187aca656ce
-
SHA512
a5725262f85e636ad71ff122e5b4b3d61446b83a4d56353ee371cfa750961196bb755c16c0a7c4f1509adbe116c51a62a4f13f4f5ab6999fe286e6171f77f1ba
-
SSDEEP
49152:nEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gW8:nEjlmQbfgSgwvSnN4iVJuj0xSkvqo
Malware Config
Extracted
gozi
Targets
-
-
Target
f2e7605bdad56068e1bbcd3546caa40b0e8b52879f348e1f8d562187aca656ce
-
Size
3.4MB
-
MD5
359212b7d9d80cb27b76185ce987de38
-
SHA1
9235079786156301d07b15ff4a55555e073fa07a
-
SHA256
f2e7605bdad56068e1bbcd3546caa40b0e8b52879f348e1f8d562187aca656ce
-
SHA512
a5725262f85e636ad71ff122e5b4b3d61446b83a4d56353ee371cfa750961196bb755c16c0a7c4f1509adbe116c51a62a4f13f4f5ab6999fe286e6171f77f1ba
-
SSDEEP
49152:nEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gW8:nEjlmQbfgSgwvSnN4iVJuj0xSkvqo
Score7/10-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-