Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
aa0b12611c9a7b964486437f3914be10N
-
Size
163KB
-
Sample
240908-adrnqsshjp
-
MD5
aa0b12611c9a7b964486437f3914be10
-
SHA1
29e30867a8110738d5b87b013281b45f7580a7ba
-
SHA256
94a7200eeacdd9938e356bf0e5b21f0a9773b4566b51877052d6bae911cc1c0e
-
SHA512
f9a0a2c3aa21d8eec14b7ed7e7c939a4f4ae992fd7b944daf91ccfa39df13fa516fcd619a6b11ed1697679d10ad011460e473ad9067ced7b370b58d9d00c66c5
-
SSDEEP
1536:PPUvUhgyTN+/V9c4p39y8agC8lProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:XhhgFbpNy8ap8ltOrWKDBr+yJb
Malware Config
Extracted
gozi
Targets
-
-
Target
aa0b12611c9a7b964486437f3914be10N
-
Size
163KB
-
MD5
aa0b12611c9a7b964486437f3914be10
-
SHA1
29e30867a8110738d5b87b013281b45f7580a7ba
-
SHA256
94a7200eeacdd9938e356bf0e5b21f0a9773b4566b51877052d6bae911cc1c0e
-
SHA512
f9a0a2c3aa21d8eec14b7ed7e7c939a4f4ae992fd7b944daf91ccfa39df13fa516fcd619a6b11ed1697679d10ad011460e473ad9067ced7b370b58d9d00c66c5
-
SSDEEP
1536:PPUvUhgyTN+/V9c4p39y8agC8lProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:XhhgFbpNy8ap8ltOrWKDBr+yJb
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Gozi
Gozi is a well-known and widely distributed banking trojan.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-