gozi | 35e346550a57e855a05f2623ac136ad746f0ef64cce547e65f2a19aa7b0d697a | Triage

Submit
Reports

Overview

overview

Static

static

a0c219625b...5b.exe

windows7-x64

7

a0c219625b...5b.exe

windows10-2004-x64

7

Sharing

General

Target

a0c219625b2b62397124e31086ea695b
Size

2.7MB
Sample

240224-ddal1afa87
MD5

a0c219625b2b62397124e31086ea695b
SHA1

8f0a69aeec7dfee1c7a9a6cb852c37bc18b31ab1
SHA256

35e346550a57e855a05f2623ac136ad746f0ef64cce547e65f2a19aa7b0d697a
SHA512

ff36e7e6c673559bccc0d12481e9cad6580dabac2532cc1cd328762d2051a2acb3222959f27f547091bbd28e12b6714b19e9299473be3201f5dfe09281e0bcaf
SSDEEP

49152:/BGTHAUiOWumhncjwj0tXnWR9mmp0oQipdAjXyt9/Z+38MBEuHgkNR9j:pGTHAyjLWHmmp0oFpoi3/b4EufHj

Score

10^/10

gozi isfb upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

a0c219625b2b62397124e31086ea695b.exe

Resource

win7-20240221-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

a0c219625b2b62397124e31086ea695b.exe

Resource

win10v2004-20240221-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  a0c219625b2b62397124e31086ea695b
- Size
  
  2.7MB
- MD5
  
  a0c219625b2b62397124e31086ea695b
- SHA1
  
  8f0a69aeec7dfee1c7a9a6cb852c37bc18b31ab1
- SHA256
  
  35e346550a57e855a05f2623ac136ad746f0ef64cce547e65f2a19aa7b0d697a
- SHA512
  
  ff36e7e6c673559bccc0d12481e9cad6580dabac2532cc1cd328762d2051a2acb3222959f27f547091bbd28e12b6714b19e9299473be3201f5dfe09281e0bcaf
- SSDEEP
  
  49152:/BGTHAUiOWumhncjwj0tXnWR9mmp0oQipdAjXyt9/Z+38MBEuHgkNR9j:pGTHAyjLWHmmp0oFpoi3/b4EufHj
Score

7^/10

upx
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy