General

  • Target

    2a415336368ccd905e039aa07d3d64c9b0601673ed86b2a01c2647941cd19e10

  • Size

    3.5MB

  • Sample

    240223-w9hxcseh59

  • MD5

    11e555b0ad8b2971b03684fcefeecc79

  • SHA1

    6d3c7d08da43ff7cd2dba01af102d5921d299bf4

  • SHA256

    2a415336368ccd905e039aa07d3d64c9b0601673ed86b2a01c2647941cd19e10

  • SHA512

    e419a71b3b1a7a8226ca9d39c11b863cf1956012c6e8db4f446202c28e4673d572cdd800458b532f33735b15692810068c534038d2bff1e1b82bc7714468c464

  • SSDEEP

    49152:kEjEamQb2OguN8Dfk5JEG14wv2QwnN4iTapOcaPKfjtD8cEOxeuxzS2hPV5T1gW3:kEjlmQbfgSgwvSnN4iVJuu0xHrcgWqZ

Malware Config

Extracted

Family

gozi

Targets

    • Target

      2a415336368ccd905e039aa07d3d64c9b0601673ed86b2a01c2647941cd19e10

    Score
    7/10
    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
