General
Target: b9f257a77085fa24454f344a81c872e5f8fcc2088646345fd23b9554d8450f22
Size: 163KB
Sample: 240612-dyz3dszcpe
MD5: 48ece8e85ae677e976e36afc007196d7
SHA1: 489785357087eb275df293d0cdb171ababc35481
SHA256: b9f257a77085fa24454f344a81c872e5f8fcc2088646345fd23b9554d8450f22
SHA512: 93d2d63f6bfd2a12bb4d340fa6641bd74d79abd959f5c7f4389762bc8f8ece27cd97ca8f4cdcf0a1967a3b55b193b916740d5cd6f6ecf6c088afc605670de974
SSDEEP: 3072:QIKkWlDpJhT96hYSvh3OfqltOrWKDBr+yJb:QIoD5Qdh3GqLOf
Static task
static1
Behavioral task
behavioral1
Sample
b9f257a77085fa24454f344a81c872e5f8fcc2088646345fd23b9554d8450f22.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
b9f257a77085fa24454f344a81c872e5f8fcc2088646345fd23b9554d8450f22.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
gozi
Targets
Target
b9f257a77085fa24454f344a81c872e5f8fcc2088646345fd23b9554d8450f22
Score 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Detects executables built or packed with MPress PE compressor
UPX dump on OEP (original entry point)
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory