General
Target: 1064209b82e6125f69c084040f0b6974318e4177827ee3aa0677854f3b9d6ad9.exe
Size: 3.0MB
Sample: 241123-v5bf2synbv
MD5: da71f21e17cbdbaa61559208f749b05a
SHA1: 25bbda63d584499839fc74176347eba9123a5aec
SHA256: 1064209b82e6125f69c084040f0b6974318e4177827ee3aa0677854f3b9d6ad9
SHA512: 39af3c295fd18e912f94fb0547204f0007c1aab60086f0f087eb0a68f37027a8587b5c229f497a1383d1b1ee813bb27f7960de8e65e088e8ff4e2fbcf2b88815
SSDEEP: 49152:NM6QvSFjoSiwYdqtQwx4HIkfBusKoXMhQqcZocr9ZRKDW9YMNf0P0ZUKLo/l:NMFwESiPd+mok6hQroCKDWWMxUKLo/l
Behavioral task: behavioral1
Sample: 1064209b82e6125f69c084040f0b6974318e4177827ee3aa0677854f3b9d6ad9.exe
Resource: win7-20240708-en
Malware Config
Extracted
gozi
Targets
-
-
Target
1064209b82e6125f69c084040f0b6974318e4177827ee3aa0677854f3b9d6ad9.exe
Gozi family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-