General

  • Target

    7c65ace705306217f85f005f41224617

  • Size

    448KB

  • Sample

    240128-hb8hgafaap

  • MD5

    7c65ace705306217f85f005f41224617

  • SHA1

    3a05578fd4c12043a154e59261f39950d96c7896

  • SHA256

    010a996a581df1cb90dbddadca520cbf0490ff376ecc862362b94ef49beae173

  • SHA512

    186072427a889800b94a9113fe813d8baa06e5de9375a22cc49780e393d0f252db53f449762e7e2d2c4c16c19f8730566f8bfde296be976e7bf64b72c0adeeff

  • SSDEEP

    6144:RQRSoUhwQbY+mxbi++tnemDvg2ftzu/iNtHNItmQp6gpSLVvk62uzA8UCwz:RYT8K/ABr1vjKzpZp0VyyARC

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

3500

C2

gtr.antoinfer.com

f1.bablefiler.at

Attributes
  • build

    250211

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.plain
aes.plain

Targets

    • Target

      7c65ace705306217f85f005f41224617

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.
