General
-
Target
54ba260ec3e0477b1b7c83bf5a4c1cdc561e5b0b53b33fb472df7b6458933b7b
-
Size
3.4MB
-
Sample
240524-ffhrhaea2s
-
MD5
09bc353c0cee48f379129b6730ef9522
-
SHA1
454aa2bc762886e101a3e780ed5a8e2bfacee9ac
-
SHA256
54ba260ec3e0477b1b7c83bf5a4c1cdc561e5b0b53b33fb472df7b6458933b7b
-
SHA512
fead684a4a0763c221bb797a060004f0702c0fb1590e050a4f258b9e9c314e3047c2ab3b44f2980dc6738d459e90076d4b8b8e5d6cc72ac89fddf21bf16e43cb
-
SSDEEP
49152:UEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWc:UEjlmQbfgSgwvSnN4iVJuS0xJdzYUql
Behavioral task
behavioral1
Sample
54ba260ec3e0477b1b7c83bf5a4c1cdc561e5b0b53b33fb472df7b6458933b7b.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
54ba260ec3e0477b1b7c83bf5a4c1cdc561e5b0b53b33fb472df7b6458933b7b.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
gozi
Targets
-
-
Target
54ba260ec3e0477b1b7c83bf5a4c1cdc561e5b0b53b33fb472df7b6458933b7b
-
Size
3.4MB
-
MD5
09bc353c0cee48f379129b6730ef9522
-
SHA1
454aa2bc762886e101a3e780ed5a8e2bfacee9ac
-
SHA256
54ba260ec3e0477b1b7c83bf5a4c1cdc561e5b0b53b33fb472df7b6458933b7b
-
SHA512
fead684a4a0763c221bb797a060004f0702c0fb1590e050a4f258b9e9c314e3047c2ab3b44f2980dc6738d459e90076d4b8b8e5d6cc72ac89fddf21bf16e43cb
-
SSDEEP
49152:UEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWc:UEjlmQbfgSgwvSnN4iVJuS0xJdzYUql
Score7/10-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-