General
-
Target
22bf006e47899384916bca7ff03f3b4f07380471c60e3bf52345138a8aacc377
-
Size
163KB
-
Sample
240626-xvpl2a1fnj
-
MD5
053ff9fdd0d1d063d496a33eca89b8ca
-
SHA1
b9bf169836c3c93fe60ed67c285badd47f2554ca
-
SHA256
22bf006e47899384916bca7ff03f3b4f07380471c60e3bf52345138a8aacc377
-
SHA512
f42c02d06493fcfd77aa94a6c6f0406802b64dbe720caae52a51233c5b539b25557f681137041f6fba3d8be721c1e93bab6dbf3794998824b8deefd4896816a3
-
SSDEEP
1536:P0URnrXXSZEo828X6YZ5AH8ilProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:BRri1DYZ+HzltOrWKDBr+yJb
Static task
static1
Behavioral task
behavioral1
Sample
22bf006e47899384916bca7ff03f3b4f07380471c60e3bf52345138a8aacc377.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
22bf006e47899384916bca7ff03f3b4f07380471c60e3bf52345138a8aacc377.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
gozi
Targets
Target
22bf006e47899384916bca7ff03f3b4f07380471c60e3bf52345138a8aacc377
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Detects executables built or packed with MPress PE compressor
-
UPX dump on OEP (original entry point)
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-