General
-
Target
7e6c07142da30201076e9349b40bdafe818e930267335320ffeb304a310d3729
-
Size
3.5MB
-
Sample
240131-3jjjjaeee6
-
MD5
af2cce4495c85ee521f200ca8aafc79c
-
SHA1
aadc488c0e2224a630657313bc654318624aecde
-
SHA256
7e6c07142da30201076e9349b40bdafe818e930267335320ffeb304a310d3729
-
SHA512
57169916d4f2032fb850dcafe7fc398e11b92abbc87f929958fa81765da7fb5ff683b8c6737fbc38ee9920130674908606f43123ec1ef0e02c9c3f4b8434bbe9
-
SSDEEP
49152:4EjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWP:4EjlmQbfgSgwvSnN4iVJuP0xCQVqp
Behavioral task
behavioral1
Sample
7e6c07142da30201076e9349b40bdafe818e930267335320ffeb304a310d3729.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
7e6c07142da30201076e9349b40bdafe818e930267335320ffeb304a310d3729.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
gozi
Targets
-
-
Target
7e6c07142da30201076e9349b40bdafe818e930267335320ffeb304a310d3729
Score: 7/10
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-