Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6ab835f59f21e9bf3875de31bd9d27c0N
-
Size
245KB
-
Sample
240911-zzwbgstakj
-
MD5
6ab835f59f21e9bf3875de31bd9d27c0
-
SHA1
22072d530a8543b0ea46258a1df3195c7c1a1d99
-
SHA256
b680caf9752e6264b3222ccd999bbc962f3d8727660eae16851391b508d9558b
-
SHA512
4dccc61df680a73778a0e13cb18159b1a0cdbe60f8b6f09ec45be47ad4cd218acede83997f316aa973e558968e111e8a3b3eb3421d88621d31eb14ee4ff3c25f
-
SSDEEP
1536:joadD9444igwD+JHgFvuiN6BReZmF/4cXeXvubKrFEwMEwKhbArEwKhQL4cXeXvd:kwDMwVrn0Fwago+bAr+Qka
Malware Config
Extracted
gozi
Targets
-
-
Target
6ab835f59f21e9bf3875de31bd9d27c0N
-
Size
245KB
-
MD5
6ab835f59f21e9bf3875de31bd9d27c0
-
SHA1
22072d530a8543b0ea46258a1df3195c7c1a1d99
-
SHA256
b680caf9752e6264b3222ccd999bbc962f3d8727660eae16851391b508d9558b
-
SHA512
4dccc61df680a73778a0e13cb18159b1a0cdbe60f8b6f09ec45be47ad4cd218acede83997f316aa973e558968e111e8a3b3eb3421d88621d31eb14ee4ff3c25f
-
SSDEEP
1536:joadD9444igwD+JHgFvuiN6BReZmF/4cXeXvubKrFEwMEwKhbArEwKhQL4cXeXvd:kwDMwVrn0Fwago+bAr+Qka
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Gozi
Gozi is a well-known and widely distributed banking trojan.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-