General

  • Target: 4ca6714cb03844ea9af81cafb3ce1d17085c076df7d342886167e78278ddd52f

  • Size: 3.5MB

  • Sample: 240311-rdt8asce7z

  • MD5: 29125ea831be9904f0aae5d32aea3008

  • SHA1: de196d2e4b1a65d940e6d61a0a0b6d430527b4f7

  • SHA256: 4ca6714cb03844ea9af81cafb3ce1d17085c076df7d342886167e78278ddd52f

  • SHA512: 0dd4fb760b715feebab5132822e53a27bd5d3cb6516a6b3ddef0be616338c5fe68645bc37e19cefc39c48ad45459bece563f5713e7f5850615e2ddadf0ab5a49

  • SSDEEP: 49152:fEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWp:fEjlmQbfgSgwvSnN4iVJub0xtrNIJqC

Malware Config

Extracted

Family: gozi

Targets

    • Target: 4ca6714cb03844ea9af81cafb3ce1d17085c076df7d342886167e78278ddd52f

    Score: 7/10

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks