General
-
Target
28d86d9aa5ce8c810222c62ab65c1ee744b6694e7e9f466d4fb4f54978a4a9f8
-
Size
3.4MB
-
Sample
240524-ffhfqsdh9z
-
MD5
0a15e27e8ff4f65aa40962e34f07171e
-
SHA1
60ef38a55594521126745dc81116f0ab661f90cf
-
SHA256
28d86d9aa5ce8c810222c62ab65c1ee744b6694e7e9f466d4fb4f54978a4a9f8
-
SHA512
a114410c6212884d5dc165bb805b5761a6075e49072f190db97d678fa9ea41299b05223c6095bab39c58058e6a0d2a6544a0554cd1b20da83e75f0f668c0a8f4
-
SSDEEP
49152:hEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWx:hEjlmQbfgSgwvSnN4iVJuS0xJdzYUqA
Behavioral task
behavioral1
Sample
28d86d9aa5ce8c810222c62ab65c1ee744b6694e7e9f466d4fb4f54978a4a9f8.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
28d86d9aa5ce8c810222c62ab65c1ee744b6694e7e9f466d4fb4f54978a4a9f8.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
gozi
Targets
-
-
Target
28d86d9aa5ce8c810222c62ab65c1ee744b6694e7e9f466d4fb4f54978a4a9f8
-
Size
3.4MB
-
MD5
0a15e27e8ff4f65aa40962e34f07171e
-
SHA1
60ef38a55594521126745dc81116f0ab661f90cf
-
SHA256
28d86d9aa5ce8c810222c62ab65c1ee744b6694e7e9f466d4fb4f54978a4a9f8
-
SHA512
a114410c6212884d5dc165bb805b5761a6075e49072f190db97d678fa9ea41299b05223c6095bab39c58058e6a0d2a6544a0554cd1b20da83e75f0f668c0a8f4
-
SSDEEP
49152:hEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWx:hEjlmQbfgSgwvSnN4iVJuS0xJdzYUqA
Score7/10-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-