General
Target
ad31fdc24bf08ff3caa4ca62cc7e0228b93c0f6ffc571f6f44ba182520d80958
Size
163KB
Sample
240607-fsdnbaaa8t
MD5
0f7ab0fd414567e38cba4f60e2cfe680
SHA1
f0a4ddaa0e1dfa915300b9ba657379d60fe3e231
SHA256
ad31fdc24bf08ff3caa4ca62cc7e0228b93c0f6ffc571f6f44ba182520d80958
SHA512
d116bbbfe9d596e7aadd11c150cea73ae1b048fbfcdcf49df25b7c08bc080c06293878448168426db411040f02a089e2314101a3ed15d3905f863828a1d037b6
SSDEEP
3072:2bSkUg5LLn0RMf6ADqMltOrWKDBr+yJb:2bSkUg5LLn0yf6+qMLOf
Static task
static1
Behavioral task
behavioral1
Sample
ad31fdc24bf08ff3caa4ca62cc7e0228b93c0f6ffc571f6f44ba182520d80958.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ad31fdc24bf08ff3caa4ca62cc7e0228b93c0f6ffc571f6f44ba182520d80958.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
gozi
Targets
Score 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Detects executables built or packed with MPress PE compressor
UPX dump on OEP (original entry point)
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory