General
Target: EacDriverBE.zip
Size: 4.7MB
Sample: 240527-v36jeacf88
MD5: 037e1a81299dccb9cfae3f27fda2d046
SHA1: 52b0fbc930bfb72a4775d39da91c69d46734c00a
SHA256: d4fd84db4cd115337bc9d97179df644966942b5f0574e0df6551cf32cfd869a2
SHA512: 31f4c453a1240f657b627704fb0a4696055b470521bb7652257588e343bb6ea2531650dc8e03ffcd4253058a5b14a4fe5e1011856e97ea3f12439fac959fd312
SSDEEP: 98304:nrx2fHCQ+pGZf7h4Ps7Fik7PEhJtvtXogrf4EKDTplvgKj1TEjacMfI07Uvs/oqg:AfHCQT7h4U7gk7PEhbZo0f4EKXvgKBmf
Static task: static1
Behavioral task: behavioral1
  Sample: EacDriverBE.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: EacDriverBE.exe
  Resource: win10v2004-20240508-en
Behavioral task: behavioral3
  Sample: obs.exe
  Resource: win7-20240221-en
Behavioral task: behavioral4
  Sample: obs.exe
  Resource: win10v2004-20240508-en
Malware Config
Extracted
gozi
Targets
Target: EacDriverBE.exe
Size: 11KB
MD5: c6b2c74b647dcbbea223c51925c5c7dd
SHA1: 071fa2b1394d2c95553149fd5eb643e0291927b3
SHA256: c5f1d37d96ed0788783f626a376144f85887a182155fed3b637744d9d9215a22
SHA512: ff1d378751d2722c165293b1dbefccc9aad42cb653f20178bbcbbc3318d6da0592e9099b7030f268c7cd60bc3e782ed2d66ddbf485391596f659b1e4c3c47b6c
SSDEEP: 192:5S8JnK2fj6JIFjsJwpVwP456gijoVIgMa42JjrUxF59ooFIda:5S92L5FIJw/wgAjE7MeJvYooFi
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Target: obs.exe
Size: 6.5MB
MD5: 0ec68a9e8e307c5524a3ed3b4af0aa25
SHA1: f104cf37be5ce21697ccb298d702622a40175498
SHA256: cfa5a87d7abdcfb6275e97e4d6ebba3de10267076e92dbac096bbb00b0db8a81
SHA512: cdd6d773921af10a81674294902531b0606038433db26bc0e8ed8a5b2ff559fe3ad28d2bfb29fcac738d83199b98aa01bf2ff0ada37cc328831c229c2f6a5369
SSDEEP: 98304:YscLPkFKpdZpWBs97iYfPAJXfF/6mwcLqNUYL5vgejxTEfIUbXAgribh52uW:YJPrZpWS9WYfPAJNZOvgeNmbX54b9
Score: 1/10