General

  • Target

    5695f47c4d45a9b732c0eeaa9386a3d033bb62625732af61be06c0f1d6f6b5c0

  • Size

    3.4MB

  • Sample

    240515-cqbt6ach97

  • MD5

    05deccf818c5c78de3b3d01174bd8b4c

  • SHA1

    6f267635d2a5e02912b1af9716ca6941115a8d83

  • SHA256

    5695f47c4d45a9b732c0eeaa9386a3d033bb62625732af61be06c0f1d6f6b5c0

  • SHA512

    c41c8c1fb376e54239b1801d1435e48df082f23a33090bc7bb2429c1cc374848243f0d53163784a0e8acbaa63e42d75d73397306d00bff1eea80580b0655f23e

  • SSDEEP

    49152:mEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWE:mEjlmQbfgSgwvSnN4iVJuR0xSVhkMPqj

Malware Config

Extracted

Family

gozi

Targets

    • Score

      7/10

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks