Analysis
max time kernel: 141s
max time network: 18s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 01/03/2025, 17:39
Static task: static1
Behavioral task: behavioral1
Sample: a3ca02fdfe8d0ff9fe4f284d4700fd85c6fcff458bf7460ae0b23aa1c1c60ccc.exe
Resource: win7-20241010-en
General
Target: a3ca02fdfe8d0ff9fe4f284d4700fd85c6fcff458bf7460ae0b23aa1c1c60ccc.exe
Size: 1.2MB
MD5: 00d5ae7f7fc3f77ab69da2f9c757f960
SHA1: 9794125c9cf362328cff5988dc7af803f38499bd
SHA256: a3ca02fdfe8d0ff9fe4f284d4700fd85c6fcff458bf7460ae0b23aa1c1c60ccc
SHA512: 9b4b6567b9d5fa67c82383734ca820123267ac330136acaa4fb6d7291890465685cedd5153a5916c6fedc7a2ba3e25c06a860225610cfccfe27fb96e10bac6ec
SSDEEP: 12288:qNyahrrcXVFaXQM265f8IHj+GAULolYCbUhVGOYLG72fERatPKd1rhGSZst/tpxw:q04kuCgsSYhEo3hfZkiZabwXO
Malware Config
Extracted: gozi
Signatures
Gozi family
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: a3ca02fdfe8d0ff9fe4f284d4700fd85c6fcff458bf7460ae0b23aa1c1c60ccc.exe