General
-
Target
a9102ac3809f222b186591c2b6663f13d776be8331d642b82964fd8ad08b5012
-
Size
163KB
-
Sample
240522-fmf69acf28
-
MD5
1a3c903a62627632fdb80bbabeea8e49
-
SHA1
847712809c4fc60e79062a6029c841a8121ca195
-
SHA256
a9102ac3809f222b186591c2b6663f13d776be8331d642b82964fd8ad08b5012
-
SHA512
0b48396b731652fc6ece0aee9a80ecfd78f9d42e95f1ed409d19b9e4e4ff021851093f42485abebe230284ffa5f0d92641bccd29eba6677a0668812c9d183589
-
SSDEEP
1536:PepYe1vLk2hocKcUGOYyRlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:mptpLkDccYyltOrWKDBr+yJb
Static task
static1
Behavioral task
behavioral1
Sample
a9102ac3809f222b186591c2b6663f13d776be8331d642b82964fd8ad08b5012.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a9102ac3809f222b186591c2b6663f13d776be8331d642b82964fd8ad08b5012.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
gozi
Targets
-
-
Target
a9102ac3809f222b186591c2b6663f13d776be8331d642b82964fd8ad08b5012
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Detects executables built or packed with MPress PE compressor
-
UPX dump on OEP (original entry point)
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-