General
-
Target
7bd1791d0c3cb9d63e641fb2002726b45c189a58d4d9951a29e2a08c3627e3dc
-
Size
163KB
-
Sample
240518-21d5psdb37
-
MD5
2c581380bd8412381f24d49e6cc3f4cb
-
SHA1
bddc7da41b44b4049e9c9f6d831fee2c0ab57510
-
SHA256
7bd1791d0c3cb9d63e641fb2002726b45c189a58d4d9951a29e2a08c3627e3dc
-
SHA512
464c52477bd06a34418129e1d1eca0cdeb1f6f6d19ee652ed9e108501c40c58a980e654dbf80e348ae826c9a0bedd5aae6c3942d9741a920a519e979b0b51a00
-
SSDEEP
1536:PRb6ojY+LowzM3lD1qvFlB3allProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:5LFaqNlBalltOrWKDBr+yJb
Static task
static1
Behavioral task
behavioral1
Sample
7bd1791d0c3cb9d63e641fb2002726b45c189a58d4d9951a29e2a08c3627e3dc.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
7bd1791d0c3cb9d63e641fb2002726b45c189a58d4d9951a29e2a08c3627e3dc.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
gozi
Targets
-
-
Target
7bd1791d0c3cb9d63e641fb2002726b45c189a58d4d9951a29e2a08c3627e3dc
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Detects executables built or packed with MPress PE compressor
-
UPX dump on OEP (original entry point)
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-