General

  • Target

    6bb5680d8c373eec3b49d3b53442dd307d4e2305d669948f739598044ca1db21

  • Size

    3.5MB

  • Sample

    240210-zfffxsac29

  • MD5

    11aadc6bb7a934843d9a51484f6d4d0d

  • SHA1

    1a5ac559a19893d5cd3e51ae7a5f8c70fe52ae58

  • SHA256

    6bb5680d8c373eec3b49d3b53442dd307d4e2305d669948f739598044ca1db21

  • SHA512

    6dbaf5a4550e8322ab3ffd51c4836f7e9cd0ff13b742d07b5b12d246834691894d0d655e2c7aa244bc92d21af1c656abc9e056160f96eeecadbd1c58f802c028

  • SSDEEP

    49152:wEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gWi:wEjlmQbfgSgwvSnN4iVJub0xtrNIJqN

Malware Config

Extracted

Family

gozi

Targets

    • Target

      6bb5680d8c373eec3b49d3b53442dd307d4e2305d669948f739598044ca1db21

    Score
    7/10
    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
