General

  • Target

    gozi.payload-disk

  • Size

    42KB

  • Sample

    240209-ck8a6sec8z

  • MD5

    e6051b1d448abb3c3b10035df9742187

  • SHA1

    6c37910905325683bd16a0aad94cc9442c14746f

  • SHA256

    e8403c9a488eb96406c287222389d28fa88e45d2261c28c79ac83a57b6910938

  • SHA512

    c83aec0cb9806a9b96a2cba8a6c6702a799515c6588e2543f973e3b5379d7093702f5df55cf42b07a5ab48f990b24907c0afa7b7f91e9c3c4bd2f69a3f5d4dfd

  • SSDEEP

    768:BBbzH0OPsyw2Ujn++vkubHdxDmKC15Ax+VRfRTE4uATX4cLj/z:DRPBun+6nrdxDm1Kx+bfRo4ucLDz

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

3500

C2

init.icecreambob.com

app.updatebrouser.com

fun.lakeofgold.com

Attributes
  • build

    250211

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      42KB

    Score
    1/10
