General
Target
fd798132c1603fe1832a71af9e768e8709ac606588d2e55ae0c437a72b8afd66
Size
163KB
Sample
240512-gsrqlsbh9s
MD5
a299f0deab224a9bbf9b261caab8e1b8
SHA1
24ece0d0c87bb5aedb02bd88f787aecd232daccb
SHA256
fd798132c1603fe1832a71af9e768e8709ac606588d2e55ae0c437a72b8afd66
SHA512
07be5e57c05e198d0334fbd53d16bf59adec8bf31daccbcdbb9fb14118f962b8eb0966484f133cff8df378bae6a0236be2c1fea2e780f51103d2c6c5a7d619c9
SSDEEP
1536:P0+bvcEmf7JPX95RpqjvTylProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:c+bkvFPzRpsvTyltOrWKDBr+yJb
Static task
static1
Behavioral task
behavioral1
Sample
fd798132c1603fe1832a71af9e768e8709ac606588d2e55ae0c437a72b8afd66.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fd798132c1603fe1832a71af9e768e8709ac606588d2e55ae0c437a72b8afd66.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
gozi
Targets
Score
10/10
Adds autorun key to be loaded by Explorer.exe on startup
Detects executables built or packed with MPress PE compressor
UPX dump on OEP (original entry point)
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory