General
-
Target
3a71346426bb32b8659226c383ec23ffe2112674357dcd4008c9ddc11494b61e
-
Size
163KB
-
Sample
240518-y9v8ssee76
-
MD5
c03c44286bbf239317efa05f7601416c
-
SHA1
febbd3eb99bca8919f72a0cf693ca36b998e4e14
-
SHA256
3a71346426bb32b8659226c383ec23ffe2112674357dcd4008c9ddc11494b61e
-
SHA512
96df1f581970dcde8473740372f0448e63ffcf5ce6a41755a9006cd84df9e5a7f730d077ff6eb8287ff5107945a5893f6ee99fa2083d0ba29c88f6a72c7571e6
-
SSDEEP
3072:efBXDfkC/zKRaWdVZu2pFltOrWKDBr+yJb:ep7kC/OfVZuOFLOf
Static task
static1
Behavioral task
behavioral1
Sample
3a71346426bb32b8659226c383ec23ffe2112674357dcd4008c9ddc11494b61e.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
3a71346426bb32b8659226c383ec23ffe2112674357dcd4008c9ddc11494b61e.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
gozi
Targets
-
-
Target
3a71346426bb32b8659226c383ec23ffe2112674357dcd4008c9ddc11494b61e
-
Size
163KB
-
MD5
c03c44286bbf239317efa05f7601416c
-
SHA1
febbd3eb99bca8919f72a0cf693ca36b998e4e14
-
SHA256
3a71346426bb32b8659226c383ec23ffe2112674357dcd4008c9ddc11494b61e
-
SHA512
96df1f581970dcde8473740372f0448e63ffcf5ce6a41755a9006cd84df9e5a7f730d077ff6eb8287ff5107945a5893f6ee99fa2083d0ba29c88f6a72c7571e6
-
SSDEEP
3072:efBXDfkC/zKRaWdVZu2pFltOrWKDBr+yJb:ep7kC/OfVZuOFLOf
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Detects executables built or packed with MPress PE compressor
-
UPX dump on OEP (original entry point)
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-