General
-
Target
1ca876c52412029cbcc7549dcb7702dcdfc4aa061c725679495965b4270ec96f
-
Size
3.8MB
-
Sample
240206-1d62jaafck
-
MD5
150441965f355a775fc719053fb8f01a
-
SHA1
883f859829a46dc00778090b716323e6b7cc7a63
-
SHA256
1ca876c52412029cbcc7549dcb7702dcdfc4aa061c725679495965b4270ec96f
-
SHA512
14f43f3ff9288d02b5b0fedd27ef1de5b167bb233a618523c7268532b2cb005a896cc3fb1af0269ea28925d2b4c9d999755b63171a079cf91daed959ccf479e8
-
SSDEEP
98304:5EjlmQbfgSgwvSnN4iVJui0xdRoM5XBHsdqX:5EjgQPXqOvWdqX
Behavioral task
behavioral1
Sample
1ca876c52412029cbcc7549dcb7702dcdfc4aa061c725679495965b4270ec96f.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
1ca876c52412029cbcc7549dcb7702dcdfc4aa061c725679495965b4270ec96f.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
gozi
Targets
-
-
Target
1ca876c52412029cbcc7549dcb7702dcdfc4aa061c725679495965b4270ec96f
Score
7/10
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-