General

  • Target

    6b9b27ed5fb619a6603e87283bf8c156f2ed85ef7dca3029e24ba14209e6b563

  • Size

    3.8MB

  • Sample

    240206-1h6xbsghc6

  • MD5

    12f048d098c07b60433fcc1c4b3a9147

  • SHA1

    7853b3c059fe17b71acc5cdf442ccd853718089b

  • SHA256

    6b9b27ed5fb619a6603e87283bf8c156f2ed85ef7dca3029e24ba14209e6b563

  • SHA512

    02a4a2262b326ad59a5c889950a1b4d19f56a75a62db0a6ef52889d25d4b7749b34dc86f421a271cf3b04dbfd096694733c96b7da0e88de54cec4eb4faae5dd9

  • SSDEEP

    98304:XEjlmQbfgSgwvSnN4iVJu+0xGZ6twFquI3rFqA:XEjgQPXqdEtwYf3rFqA

Malware Config

Extracted

Family

gozi

Targets

    Score
    7/10
    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
