Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
  • submitted
    08-03-2024 04:25

General

  • Target

    gozi.dll

  • Size

    43KB

  • MD5

    9ef8d885645eda3a8e1cc37ada96a4cc

  • SHA1

    295c25d68f7d9d145a54ddc0b7f7034aea133ec0

  • SHA256

    a2c59a517b15887f20e0183d920412b17c6dc77f7eafbb434f37faab0a4d7757

  • SHA512

    5c14b0de7342fdd2ec64ebf095e2774eb0f201423bd0b370895f2da7d8991329c4c3a6c88f7e54b2fbc9f174bbbbb5da74583066f7cb797b6d3679ad12e130d7

  • SSDEEP

    768:Ns0zIQOuf1WrHWngROYD3Ps8WyAqa5v+BZ20efofs7gpdsmT:NsSIQO8184gRO8sxp+BE0efUs7K1T

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\gozi.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:2916
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\gozi.dll,#1
        PID:2316

    Network

    MITRE ATT&CK Matrix
