General
-
Target
1816-147-0x00000000132A0000-0x0000000013F42000-memory.dmp
-
Size
12.6MB
-
Sample
240527-smthssge8x
-
MD5
19aa54a30ff7cdf81c177161976e6cd1
-
SHA1
605f4d808387e68475e6fc6bc6972bfe55e8a4c8
-
SHA256
3981304ae7cc29ceabc5c6286b9c690915c270900d2a78464fa22f6f56729563
-
SHA512
29a3ce73408da7c9c06d13511fb06c85cf8c41fce4fd192f5c150bd498caef05ea3b144fa6cdf6e7043250065bb00d2252874c9bee1bf1b888a67b23d42c3cff
-
SSDEEP
393216:1UFKsMorXmYwtQQlTX3zxPYvkS8Yy/CmnL4:18ZXmYw6AT1QExn
Behavioral task
behavioral1
Sample
1816-147-0x00000000132A0000-0x0000000013F42000-memory.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1816-147-0x00000000132A0000-0x0000000013F42000-memory.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
gozi
Targets
-
-
Target
1816-147-0x00000000132A0000-0x0000000013F42000-memory.dmp
Score
7/10
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-