General
-
Target
d3d0c1e09b468982f1e2f2335671e48ed975fc160e8f559f99dffd22202d8f9b
-
Size
3.5MB
-
Sample
240206-1gplnaagbn
-
MD5
05f188b582dbc9695ac6eb12d3187cb6
-
SHA1
e0a0f8d822203fe33f760e2546d59fd565fc3e92
-
SHA256
d3d0c1e09b468982f1e2f2335671e48ed975fc160e8f559f99dffd22202d8f9b
-
SHA512
e235c6ef1cf032643b24a255337b9105787f5ab002b7e50c1283a7a5a90c294f3359826bd576e2514ce0635891a3cc4d6741f45c13bbec30184b7ad78c2b1791
-
SSDEEP
49152:JEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWU:JEjlmQbfgSgwvSnN4iVJub0xtrNIJqz
Behavioral task
behavioral1
Sample
d3d0c1e09b468982f1e2f2335671e48ed975fc160e8f559f99dffd22202d8f9b.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
d3d0c1e09b468982f1e2f2335671e48ed975fc160e8f559f99dffd22202d8f9b.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
gozi
Targets
-
-
Target
d3d0c1e09b468982f1e2f2335671e48ed975fc160e8f559f99dffd22202d8f9b
-
Score
7/10
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-