General
-
Target
8c8258d4f436609fed0531466e8176c4a19ca3bee4c5dd80799c5f8735db4dc1
-
Size
3.5MB
-
Sample
240524-eb489sbh3s
-
MD5
050bfea963be8e25ad7a04a07198936d
-
SHA1
6e24177fd9daf8f7979aaefd2d406a26adc9be6b
-
SHA256
8c8258d4f436609fed0531466e8176c4a19ca3bee4c5dd80799c5f8735db4dc1
-
SHA512
64aee4231e4cab19c2f958207ffcf391e006e1e32472559bf5973f82190170063c670aa0810a1731910dc48dd8d20751b31f3894ae16c818c16ef890580b26a5
-
SSDEEP
98304:nEjlmQbfgSgwvSnN4iVJur0xM/licQBq4:nEjgQPXq0/xQBq4
Behavioral task
behavioral1
Sample
8c8258d4f436609fed0531466e8176c4a19ca3bee4c5dd80799c5f8735db4dc1.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
8c8258d4f436609fed0531466e8176c4a19ca3bee4c5dd80799c5f8735db4dc1.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
gozi
Targets
-
Target
8c8258d4f436609fed0531466e8176c4a19ca3bee4c5dd80799c5f8735db4dc1
-
Score
7/10
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-