Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

3372-140-0...ry.dll

windows7-x64

3

3372-140-0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3372-140-0x0000000000400000-0x0000000000495000-memory.dmp

  • Size

    596KB

  • Sample

    221229-rdhjhadb82

  • MD5

    acd0fc91e0c24024bf14bdd2b0b76361

  • SHA1

    b3a857f0dd3ad9a7acb867d7a9eaf93a74c89bdb

  • SHA256

    b0e9693b49669a9b1e56fc33824642a8789469906455b2bdb03d50c186938c44

  • SHA512

    c52f5fdc2a83bff237dc75e9bd4055531540a675aa85750263b481e3279a97c3d73af3a3f2a51effac5dd21a4755dd01845d8cb7b04a0e75efacd5a11d0737e3

  • SSDEEP

    768:L2HRfxRHbvvpywyV34OB9bl5n+iRjn9P1avZa9Bmr1h097mI5:kRfxR7Zjyt5+0zavZangX097m

Score
10/10
gozi22500isfb

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

22500

C2

confisg.edge.skype.com

http://

s28bxcw.xyz

config.edgse.skype.com

http://89.43.107.7
Attributes
  • base_path

    /recycle/

  • build

    250249

  • exe_type

    loader

  • extension

    .alo

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      3372-140-0x0000000000400000-0x0000000000495000-memory.dmp

    • Size

      596KB

    • MD5

      acd0fc91e0c24024bf14bdd2b0b76361

    • SHA1

      b3a857f0dd3ad9a7acb867d7a9eaf93a74c89bdb

    • SHA256

      b0e9693b49669a9b1e56fc33824642a8789469906455b2bdb03d50c186938c44

    • SHA512

      c52f5fdc2a83bff237dc75e9bd4055531540a675aa85750263b481e3279a97c3d73af3a3f2a51effac5dd21a4755dd01845d8cb7b04a0e75efacd5a11d0737e3

    • SSDEEP

      768:L2HRfxRHbvvpywyV34OB9bl5n+iRjn9P1avZa9Bmr1h097mI5:kRfxR7Zjyt5+0zavZangX097m

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks