Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
dfa227555e67863a65cfe03a588ee23b_JaffaCakes118
-
Size
203KB
-
Sample
240914-gy24jazhrf
-
MD5
dfa227555e67863a65cfe03a588ee23b
-
SHA1
2ebcc7a0d7a421ee212fbe1407f3865791d7ebda
-
SHA256
e4f19d47d850151c4026a85fc71ea4f1a211d0e07a9ee1984723837c99dd8d34
-
SHA512
a9993d42b8206f631f575abfd7243de1bbc62be5986d88c09047102aaeedb1422cff4ffec9478b7a999f1b1ae50eac620e54e6fb820047574a225b3f6b537b01
-
SSDEEP
3072:9Sji2dQ6v4uPXDNUj4jKBonzmLXlYVRLh0epEEZqkFBc4+uTqN76o:9cdp4uPZzGonqXGXh0bluBc4GZ5
Malware Config
Extracted
gozi
-
build
215165
Extracted
gozi
3162
menehleibe.com
liemuteste.com
thulligend.com
-
build
215165
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
Targets
-
-
Target
dfa227555e67863a65cfe03a588ee23b_JaffaCakes118
-
Size
203KB
-
MD5
dfa227555e67863a65cfe03a588ee23b
-
SHA1
2ebcc7a0d7a421ee212fbe1407f3865791d7ebda
-
SHA256
e4f19d47d850151c4026a85fc71ea4f1a211d0e07a9ee1984723837c99dd8d34
-
SHA512
a9993d42b8206f631f575abfd7243de1bbc62be5986d88c09047102aaeedb1422cff4ffec9478b7a999f1b1ae50eac620e54e6fb820047574a225b3f6b537b01
-
SSDEEP
3072:9Sji2dQ6v4uPXDNUj4jKBonzmLXlYVRLh0epEEZqkFBc4+uTqN76o:9cdp4uPZzGonqXGXh0bluBc4GZ5
Score10/10-
Gozi
Gozi is a well-known and widely distributed banking trojan.
-