
General

  • Target

    939f73a559fd7147c356cb7d8cd23457

  • Size

    242KB

  • MD5

    939f73a559fd7147c356cb7d8cd23457

  • SHA1

    52106e7807b52406fbe1ffa99d73a3b93d1659ff

  • SHA256

    598029ade1d8cb6d0f8f86188bd2fa123e2f15024ce72fad8042913d333ea77e

  • SHA512

    867e441d29af65fc21b037e89b342e3d8a35c15d67ece59516086e245f88a924b86c08cad5648827e84d5efd6b5e5030327d36810a6b12734fed25ada832e7e4

  • SSDEEP

    6144:tmnZO0GDlypHAT/cxkDyPFXkfh+3m33c5TWjak4SvS83x:tMZOrEpHAT/cLPF0Im3s5TWjaCK8

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

2500

C2


Attributes
  • exe_type

    worker

  • server_id

    580

rsa_pubkey.plain
aes.plain

Signatures

  • Gozi family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 939f73a559fd7147c356cb7d8cd23457
    .dll windows:4 windows x64 arch:x64

    8a5d8f502e35131a4443369f6ddb5a6c

