General
-
Target
354478fe7f685fc854c7d1cc0cb36ba6b324cd6121b2aefc902f158836bde57b
-
Size
163KB
-
Sample
240601-yxsbdadf6w
-
MD5
a0fdc98f2a0237d8901a7b6b3463b23d
-
SHA1
57fa1d3a6001537599dfa8acfcba21c3bc6d9d8a
-
SHA256
354478fe7f685fc854c7d1cc0cb36ba6b324cd6121b2aefc902f158836bde57b
-
SHA512
47ba224b5ddb00599cb1d1ef4a498b99be3375903ccf12d9a212f14cf1e49a6088f18a91033e15ea392e7f5a9cb9130c2c37fae0bed9d4bd4dab1aecfbf47fab
-
SSDEEP
1536:PtYAtggM+s9Bl0R+wa1HN335mn4lxRinlProNVU4qNVUrk/9QbfBr+7GwKrPAsqE:VrmgM+sR0EM4ljinltOrWKDBr+yJb
Static task
static1
Behavioral task
behavioral1
Sample
354478fe7f685fc854c7d1cc0cb36ba6b324cd6121b2aefc902f158836bde57b.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
354478fe7f685fc854c7d1cc0cb36ba6b324cd6121b2aefc902f158836bde57b.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
gozi
Targets
-
-
Target
354478fe7f685fc854c7d1cc0cb36ba6b324cd6121b2aefc902f158836bde57b
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Detects executables built or packed with MPress PE compressor
-
UPX dump on OEP (original entry point)
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-