gozi | f8cc73b88d57cbccc23cd3e662964d4975fe7a0fb9a6e963f6b3db6ef9a2bf7a | Triage

Submit
Reports

Overview

overview

Static

static

2024-06-22...il.exe

windows7-x64

1

2024-06-22...il.exe

windows10-2004-x64

1

Sharing

General

Target

2024-06-22_d1e76ac89ef725cb96c7b94fb1b291b3_avoslocker_revil
Size

7.0MB
Sample

240622-rhbazsvfqj
MD5

d1e76ac89ef725cb96c7b94fb1b291b3
SHA1

65377e474f9a22edfdc5f963e95ce203c57d053c
SHA256

f8cc73b88d57cbccc23cd3e662964d4975fe7a0fb9a6e963f6b3db6ef9a2bf7a
SHA512

49d174132ec173717da11b77aa17fe37aea2a73596c781e5e6c05d33c63ff9e155bd6ec6a74b48713f05c65f877f861531e663a6c8e088ab468a020964673bc7
SSDEEP

98304:TtIjZBgm3Qxr0G7pSeFFAYtTKrFud7UNpNkjh31fdrlnWSoGFV4nF42UG+ItVfey:+XEgDY6sh31fdrlnWSoGFVKF42D+kqq

Score

10^/10

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-06-22_d1e76ac89ef725cb96c7b94fb1b291b3_avoslocker_revil.exe

Resource

win7-20240220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-06-22_d1e76ac89ef725cb96c7b94fb1b291b3_avoslocker_revil.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  2024-06-22_d1e76ac89ef725cb96c7b94fb1b291b3_avoslocker_revil
- Size
  
  7.0MB
- MD5
  
  d1e76ac89ef725cb96c7b94fb1b291b3
- SHA1
  
  65377e474f9a22edfdc5f963e95ce203c57d053c
- SHA256
  
  f8cc73b88d57cbccc23cd3e662964d4975fe7a0fb9a6e963f6b3db6ef9a2bf7a
- SHA512
  
  49d174132ec173717da11b77aa17fe37aea2a73596c781e5e6c05d33c63ff9e155bd6ec6a74b48713f05c65f877f861531e663a6c8e088ab468a020964673bc7
- SSDEEP
  
  98304:TtIjZBgm3Qxr0G7pSeFFAYtTKrFud7UNpNkjh31fdrlnWSoGFV4nF42UG+ItVfey:+XEgDY6sh31fdrlnWSoGFVKF42D+kqq
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy