General
Target: b91fec1f73b46d2b747f206707dd0301deeaf06a2a06087b3c0bc4737f8f4557
Size: 163KB
Sample: 240625-b4yemsteng
MD5: f7362d6df73c2c1db4a1e25e8dafd8a3
SHA1: d160b1aa07b06045bffecd86ad495a41fd407706
SHA256: b91fec1f73b46d2b747f206707dd0301deeaf06a2a06087b3c0bc4737f8f4557
SHA512: 13e377a4bac7b5a45ecce34871ce94dbdd74de75c63e8f7b7b8bd12d7ef07018a0fe6e3be9b975eafd0112d658dbaafb0822e1a77326dc7ab474791c45c008d3
SSDEEP: 1536:PRZZV4Oz6bdI543vDOW4ImlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:pPVbz625277jmltOrWKDBr+yJb
Static task: static1
Behavioral task: behavioral1
Sample: b91fec1f73b46d2b747f206707dd0301deeaf06a2a06087b3c0bc4737f8f4557.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: b91fec1f73b46d2b747f206707dd0301deeaf06a2a06087b3c0bc4737f8f4557.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
gozi
Targets
Target: b91fec1f73b46d2b747f206707dd0301deeaf06a2a06087b3c0bc4737f8f4557
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Detects executables built or packed with MPress PE compressor
UPX dump on OEP (original entry point)
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory