General
Target: 13afd28bc31c09e22573900f082dd1cd99fcdda625ed405da209114268f8398a
Size: 163KB
Sample: 240514-xhdn1aah8x
MD5: 03e82c38b4a49dcc13f13018246ad4e4
SHA1: be77ce0b1fc33da8e91d5ea2a193512c8fcb7576
SHA256: 13afd28bc31c09e22573900f082dd1cd99fcdda625ed405da209114268f8398a
SHA512: e1bcb394604d59ed7731b265c3d21a48b3bddbb6b8f1f30125324d27f04c17e95b611ddf0ff1c611dd590952781d1567c2095c43c098b95817a479d25b520a30
SSDEEP: 1536:PLx/xmtXHA4oMtwMGagQvPmqQjA8x+lProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:j8HAFawPaHGt9x+ltOrWKDBr+yJb
Static task: static1
Behavioral task: behavioral1
  Sample: 13afd28bc31c09e22573900f082dd1cd99fcdda625ed405da209114268f8398a.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 13afd28bc31c09e22573900f082dd1cd99fcdda625ed405da209114268f8398a.exe
  Resource: win10v2004-20240426-en
Malware Config
Extracted: gozi
Targets
Target: 13afd28bc31c09e22573900f082dd1cd99fcdda625ed405da209114268f8398a
Score: 10/10
- Adds autorun key to be loaded by Explorer.exe on startup
- Detects executables built or packed with MPress PE compressor
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory