General
-
Target
7b425ba154e29a76a235369f8e1b70f33f5d48f317e9c53b743cbfe5e1858a6f
-
Size
3.5MB
-
Sample
240524-d4sv9sbe4x
-
MD5
04fd12b4e1e493fe61d639cda9620e5b
-
SHA1
729a6e31398ea7eb8b6ed1a881c7667425a6e18d
-
SHA256
7b425ba154e29a76a235369f8e1b70f33f5d48f317e9c53b743cbfe5e1858a6f
-
SHA512
2443cca3bfc1cdb4f24a253d1cde8f3443bf743c921e19bfa57ec283e94381530631297b36fcf197af4e9bfbfee4e8f9ef789d29b2011bfdf3a5c66915e59096
-
SSDEEP
49152:NEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWn:NEjlmQbfgSgwvSnN4iVJuF0xfreseqc
Behavioral task
behavioral1
Sample
7b425ba154e29a76a235369f8e1b70f33f5d48f317e9c53b743cbfe5e1858a6f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
7b425ba154e29a76a235369f8e1b70f33f5d48f317e9c53b743cbfe5e1858a6f.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
gozi
Targets
-
-
Target
7b425ba154e29a76a235369f8e1b70f33f5d48f317e9c53b743cbfe5e1858a6f
-
Score
7/10
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-