Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

necrum.exe

windows7-x64

10

necrum.exe

windows10-1703-x64

10

necrum.exe

windows7-x64

10

necrum.exe

windows10-2004-x64

10

necrum.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    necrum.exe

  • Size

    15.1MB

  • Sample

    240910-tzljdsvblg

  • MD5

    64aa2e80617afd14f13e38e1132f26c3

  • SHA1

    3a96e073ffa96da80de4917c2e8fa1361d7e545d

  • SHA256

    7f48f82369c6e8007ae96d4593c568feb5bfa6ba269e30abc38ecb15061df667

  • SHA512

    aecd7070a1f17e9a91f7ee80a2470092952e873115ae93506f1f74d5bc12e211f5bf66e78b67bf4ce799a99f72c65213530875e9eb592f29c37c1e244c38748c

  • SSDEEP

    196608:Es63+nZZejJYUaHS3Z5py2ZJenaJbTZNrrcqsqObXBm4T1+aHd48Z6o9cPEKlJoc:9tY9aHcZxPecvUfXBm4sAHN/y3n

Score
10/10
gozibankerisfbtrojan

Malware Config

Extracted

Family

gozi

Targets

    • Target

      necrum.exe

    • Size

      15.1MB

    • MD5

      64aa2e80617afd14f13e38e1132f26c3

    • SHA1

      3a96e073ffa96da80de4917c2e8fa1361d7e545d

    • SHA256

      7f48f82369c6e8007ae96d4593c568feb5bfa6ba269e30abc38ecb15061df667

    • SHA512

      aecd7070a1f17e9a91f7ee80a2470092952e873115ae93506f1f74d5bc12e211f5bf66e78b67bf4ce799a99f72c65213530875e9eb592f29c37c1e244c38748c

    • SSDEEP

      196608:Es63+nZZejJYUaHS3Z5py2ZJenaJbTZNrrcqsqObXBm4T1+aHd48Z6o9cPEKlJoc:9tY9aHcZxPecvUfXBm4sAHN/y3n

    Score
    10/10
    gozibankerisfbtrojan

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

      bankertrojangozi

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2behavioral3behavioral4behavioral5

MITRE ATT&CK Matrix

Tasks