Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

a680574ade...xe.dll

windows7-x64

10

a680574ade...xe.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a680574ade5140ed02c9c36bde94f1d9.exe.vir

  • Size

    478KB

  • Sample

    230214-psnmysdc94

  • MD5

    a680574ade5140ed02c9c36bde94f1d9

  • SHA1

    7bc6ac0a197efc9d894b586b1cd00c5b6fb1f6a0

  • SHA256

    45801ddcea54e60f804a3e217b91eb998e67ed592c4894fa9a0b4cecaa3c8b2c

  • SHA512

    cf505bb0556ac84944c5073f0baf5ecae7009e4ab4a1ed84421155b7cf658f07dfbda01461e2616a56186a81d41a05fee394790bec070d398704cf21af729c11

  • SSDEEP

    6144:4dhdVjFYJCovXPXqtBwlK4sPY3qrRM9ZO5/pQML1oKcG5wSlD2t+:OjFGfvXPXiUK4BAM90cG5Q

Score
10/10
gozi1000bankerldr4trojan

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

1000

C2

https://mereter.cloud

Attributes
  • host_keep_time

    2

  • host_shift_time

    1

  • idle_time

    1

  • request_time

    10

aes.plain

Targets

    • Target

      a680574ade5140ed02c9c36bde94f1d9.exe.vir

    • Size

      478KB

    • MD5

      a680574ade5140ed02c9c36bde94f1d9

    • SHA1

      7bc6ac0a197efc9d894b586b1cd00c5b6fb1f6a0

    • SHA256

      45801ddcea54e60f804a3e217b91eb998e67ed592c4894fa9a0b4cecaa3c8b2c

    • SHA512

      cf505bb0556ac84944c5073f0baf5ecae7009e4ab4a1ed84421155b7cf658f07dfbda01461e2616a56186a81d41a05fee394790bec070d398704cf21af729c11

    • SSDEEP

      6144:4dhdVjFYJCovXPXqtBwlK4sPY3qrRM9ZO5/pQML1oKcG5wSlD2t+:OjFGfvXPXiUK4BAM90cG5Q

    Score
    10/10
    gozi1000bankerldr4trojan

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

      bankertrojangozi
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks