Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
da5df6cf42b7672f5b7c20c809ec3772_JaffaCakes118
-
Size
197KB
-
Sample
240911-pvtlzs1apl
-
MD5
da5df6cf42b7672f5b7c20c809ec3772
-
SHA1
b9428dfdfa5db55cb1eda3c28c0702a5edf746e7
-
SHA256
872f35f887a8c22fc56d9baa80a861a88d2b3737ba289788394f0a68147d0115
-
SHA512
82198a670a26e821a87a308aafb59d18cac94df3627163d2e90118e55f5543e572281fb0f70be75fe65e35b3a2512c96f76b48d7d01a6652f0792e9295181288
-
SSDEEP
3072:oWDdCZn+MHTptyZ1+5Ck15lxYY54Fp3QT2kZz2yDj0EQ8x7xSJM7UmA0ox6:oWkdVlS1oCPY5+QT2kx5HlS27Umg
Malware Config
Extracted
gozi
-
build
215165
Extracted
gozi
3135
zweideckei.com
ziebelschr.com
endetztera.com
-
build
215165
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
Targets
-
-
Target
da5df6cf42b7672f5b7c20c809ec3772_JaffaCakes118
-
Size
197KB
-
MD5
da5df6cf42b7672f5b7c20c809ec3772
-
SHA1
b9428dfdfa5db55cb1eda3c28c0702a5edf746e7
-
SHA256
872f35f887a8c22fc56d9baa80a861a88d2b3737ba289788394f0a68147d0115
-
SHA512
82198a670a26e821a87a308aafb59d18cac94df3627163d2e90118e55f5543e572281fb0f70be75fe65e35b3a2512c96f76b48d7d01a6652f0792e9295181288
-
SSDEEP
3072:oWDdCZn+MHTptyZ1+5Ck15lxYY54Fp3QT2kZz2yDj0EQ8x7xSJM7UmA0ox6:oWkdVlS1oCPY5+QT2kx5HlS27Umg
Score10/10-
Gozi
Gozi is a well-known and widely distributed banking trojan.
-