General

  • Target

    39e793b97b74eb2cd0d8007019dfe8c21c23f6281a89f9977654ba9e4b46643c

  • Size

    3.4MB

  • Sample

    240206-1fxkwaafhm

  • MD5

    1d14aa2c84d63bfb1f4e8a8af7e7da13

  • SHA1

    7e2b2b1354bdbebffd5539cc21c77d50ac13fd36

  • SHA256

    39e793b97b74eb2cd0d8007019dfe8c21c23f6281a89f9977654ba9e4b46643c

  • SHA512

    b1955c56f1204869c7412c5b5b29e2ba8548cb103e748af01497fb7a4c76339bd3f8d5c88ac18f26b592bff487b58b995d8c41cddc12d8ec3a95083be356bb2d

  • SSDEEP

    49152:/EjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWy:/EjlmQbfgSgwvSnN4iVJuS0xJdzYUqL

Malware Config

Extracted

  • Family

    gozi

Targets

    Score
    7/10
    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
