General
-
Target
file.exe
-
Size
5.9MB
-
Sample
240312-w1fqmsfh31
-
MD5
d21ebfa5e971bb5293c9de7a404792a1
-
SHA1
850cae6b28d100738547f8a86889d71ff5289073
-
SHA256
cb49adf3033abe1d446541a2b216b7cc9f50cd74494ec7d78dd365c952d3487b
-
SHA512
2fe8f296117e70a05fa24f0be9250fff84af339eed1bfe46d1c218a0210324b9e0f77ddaf6ad518eca8370fc3023238f7fa13f483f30c545c10fc2e02f973a6f
-
SSDEEP
49152:VdFCDWU2GG8XKQ3/cdt4osAZo5+cSAsAUSNlLOg/L1Jf2jTiQ/VoJu4E9/+j9Z29:VnCDL2uKecbO4ihsAUoDjj233NmmcPK7
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20231129-en
Malware Config
Extracted
gozi
Extracted
risepro
193.233.132.159:50500
Targets
-
-
Target
file.exe
-
Size
5.9MB
-
MD5
d21ebfa5e971bb5293c9de7a404792a1
-
SHA1
850cae6b28d100738547f8a86889d71ff5289073
-
SHA256
cb49adf3033abe1d446541a2b216b7cc9f50cd74494ec7d78dd365c952d3487b
-
SHA512
2fe8f296117e70a05fa24f0be9250fff84af339eed1bfe46d1c218a0210324b9e0f77ddaf6ad518eca8370fc3023238f7fa13f483f30c545c10fc2e02f973a6f
-
SSDEEP
49152:VdFCDWU2GG8XKQ3/cdt4osAZo5+cSAsAUSNlLOg/L1Jf2jTiQ/VoJu4E9/+j9Z29:VnCDL2uKecbO4ihsAUoDjj233NmmcPK7
-
Detect ZGRat V1
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-