General

  • Target

    0b17ea40612bde266a59b196924c2bb72f9129e5149b13f6266bd9bf7bc76912

  • Size

    3.5MB

  • Sample

    240211-rwva1sba52

  • MD5

    3aa1bd1c03199940d9227d1da6553937

  • SHA1

    4234dde995f8008dc83ed168c43eb22ab4e7ad67

  • SHA256

    0b17ea40612bde266a59b196924c2bb72f9129e5149b13f6266bd9bf7bc76912

  • SHA512

    cd0194c204400ebc7018714c7589f028318e3779cd6894b370255ca6adeeaa2aac4d8a482fbac1f9d6ff017903c6e6c0865f60f51628950fff3f9fc8c8da97f1

  • SSDEEP

    98304:0EjlmQbfgSgwvSnN4iVJur0xM/licQBq8:0EjgQPXq0/xQBq8

Malware Config

Extracted

Family

gozi

Targets

    • Target

      0b17ea40612bde266a59b196924c2bb72f9129e5149b13f6266bd9bf7bc76912

    Score
    7/10
    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
