General
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://cdn.discordapp.com/attachments/1212951313307017216/1213302244553007124/spoofer_FUD_no_rat_ud_methode.exe?ex=65f4fac5&is=65e285c5&hm=e8dee1831a75b67f812c55e0e8bfbf098102a5ac79fdc46a19e30c00df52f9f2&
Resource
win10v2004-20240226-en
19 signatures
1200 seconds
Malware Config
Extracted
Family
gozi
Targets
Target
https://cdn.discordapp.com/attachments/1212951313307017216/1213302244553007124/spoofer_FUD_no_rat_ud_methode.exe?ex=65f4fac5&is=65e285c5&hm=e8dee1831a75b67f812c55e0e8bfbf098102a5ac79fdc46a19e30c00df52f9f2&
Downloads MZ/PE file
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2