General
Target: b334e0d09cea851bd72d2346526a8bfd15a5dbd5ed4a36f0d0fd603a04b4e48f.zip
Size: 188KB
Sample: 230824-zcklgafd88
MD5: 9f7bb4d4cc7b4745abb82f0b4252f0c5
SHA1: 1b26fb2d3ea7649947e418db0347b3a5d6416256
SHA256: 95bb46185c352b770ee7bb43ef8635058fc180879d6de6627991e06468329042
SHA512: 5b7f3b241b94066a7a6f050390f904d7b80899f8d38fb52632bf41814669cb9a3a72ffa3a5ae5a253681cee26eaa1e52d367b27e0c2f0c08e33de1ac88f74a5c
SSDEEP: 3072:klYiI/ePxskk5t73lPTuDKjQSycqLVNAseisry0bX65yS2OPd2rxwnNZxh9G:WYiuePxzk3JT+8Qlc87KNnlSBdsxeO
Static task: static1
Behavioral task: behavioral1
Sample: b334e0d09cea851bd72d2346526a8bfd15a5dbd5ed4a36f0d0fd603a04b4e48f.vbs
Resource: win7-20230712-en
Malware Config
Extracted
gozi
build: 217112
Extracted
gozi
2000
ad1.wensa.at/api1
nort.calag.at/api1
build: 217112
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
dns_servers: 193.183.98.66, 51.15.98.97, 94.247.43.254, 195.10.195.195, 8.8.8.8
exe_type: loader
server_id: 730
Targets
Target: b334e0d09cea851bd72d2346526a8bfd15a5dbd5ed4a36f0d0fd603a04b4e48f
Size: 847KB
MD5: 2368e9e529ee85a9c57efae72ee32a63
SHA1: 6c9c1510ca27b115323ff2c11f004fbcb7bf03f8
SHA256: b334e0d09cea851bd72d2346526a8bfd15a5dbd5ed4a36f0d0fd603a04b4e48f
SHA512: a9146dfcf5b0fbe3491898257373c526dfba2b782e45e911b7490a661eed295081c6858eeb7b574f9dfa23b6ede7ba17f2e78e53b3c5613dc07c19d5c89e0c60
SSDEEP: 6144:DSI4WZ5LeyWnPuoWD8TgkcObHofZMMKzqXCFdlXYkq8xM2dC0tk2+NEImlKiYebD:D/4r
Loads dropped DLL