General
-
Target
a692aa023f49797c868df6e5cd185d117dcc51dbf3135a690fef064bc5204fbe
-
Size
163KB
-
Sample
240514-a4p8lacg84
-
MD5
98bcd401fd3e05cf78b995886ca57571
-
SHA1
b04c54ef5638f28014c8d4aee796c4d7b2579d87
-
SHA256
a692aa023f49797c868df6e5cd185d117dcc51dbf3135a690fef064bc5204fbe
-
SHA512
32ef674054e104cbcdf83d9fcf86462635495b198b77825699d0b4ae68b8bfff9a89faeb3042d51d4409d6ec45612533ede38cb83ff166092c463d01ee7e0299
-
SSDEEP
3072:yN9A/PfSEsmv5zvVeSlN8vAltOrWKDBr+yJb:yzyXScvVUvALOf
Static task
static1
Behavioral task
behavioral1
Sample
a692aa023f49797c868df6e5cd185d117dcc51dbf3135a690fef064bc5204fbe.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a692aa023f49797c868df6e5cd185d117dcc51dbf3135a690fef064bc5204fbe.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
gozi
Targets
-
Target
a692aa023f49797c868df6e5cd185d117dcc51dbf3135a690fef064bc5204fbe
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Detects executables built or packed with MPress PE compressor
-
UPX dump on OEP (original entry point)
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-