General
-
Target
04732128b7057cc1c8f8ae18b36fedd62d91f015bb5c73ec6020507d467a1c64
-
Size
3.5MB
-
Sample
240523-2nlzsabh65
-
MD5
02b57782159b39cbdcea2f6236ca60d2
-
SHA1
910ed6cd32b9fa278eff0db51f41658a82bb7336
-
SHA256
04732128b7057cc1c8f8ae18b36fedd62d91f015bb5c73ec6020507d467a1c64
-
SHA512
8498e564fd11c0d7b7742ab44294dd813ff2f3a70982223d4785736d027562d846487a5737afd7e61856c734b86640eaae76b5693c88ab5015b07c7d0ba83197
-
SSDEEP
49152:CEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWy:CEjlmQbfgSgwvSnN4iVJuF0xfreseq9
Behavioral task
behavioral1
Sample
04732128b7057cc1c8f8ae18b36fedd62d91f015bb5c73ec6020507d467a1c64.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
04732128b7057cc1c8f8ae18b36fedd62d91f015bb5c73ec6020507d467a1c64.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
gozi
Targets
-
-
Target
04732128b7057cc1c8f8ae18b36fedd62d91f015bb5c73ec6020507d467a1c64
-
Score
7/10
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-