General
-
Target
4ca6714cb03844ea9af81cafb3ce1d17085c076df7d342886167e78278ddd52f
-
Size
3.5MB
-
Sample
240311-rdt8asce7z
-
MD5
29125ea831be9904f0aae5d32aea3008
-
SHA1
de196d2e4b1a65d940e6d61a0a0b6d430527b4f7
-
SHA256
4ca6714cb03844ea9af81cafb3ce1d17085c076df7d342886167e78278ddd52f
-
SHA512
0dd4fb760b715feebab5132822e53a27bd5d3cb6516a6b3ddef0be616338c5fe68645bc37e19cefc39c48ad45459bece563f5713e7f5850615e2ddadf0ab5a49
-
SSDEEP
49152:fEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWp:fEjlmQbfgSgwvSnN4iVJub0xtrNIJqC
Behavioral task
behavioral1
Sample
4ca6714cb03844ea9af81cafb3ce1d17085c076df7d342886167e78278ddd52f.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
4ca6714cb03844ea9af81cafb3ce1d17085c076df7d342886167e78278ddd52f.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
gozi
Targets
Score
7/10
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-