Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e0c7c3153dd109789ad5514078887443_JaffaCakes118
-
Size
149KB
-
Sample
240914-w5l38aydpk
-
MD5
e0c7c3153dd109789ad5514078887443
-
SHA1
7696b0d065ab5afde9f29d8857beebec0b5c3ca8
-
SHA256
4bc38f181b2d96f0a3a57f3f0b9167d57b0544eb0be6e4d1ede8bf55897a982e
-
SHA512
a9ad943b7430349b995d8ba7c57569e4d6a66ed62ebb5cfc471a54194423cc7d07d7d260715e33e28e825ae7274750d77a2d1f5a2047fc5fdfea9ca9b8ef5f09
-
SSDEEP
3072:tzaE7ZKrQMh/x8orIrUCic0PglqlsvARnj1N2Kl55D8ejI1AbWxS/Cau2lPX3LMB:ZaE4rQqlrIQL8Eh2KloesObWxS/TzMB
Malware Config
Extracted
gozi
-
build
214085
Extracted
gozi
3475
google.com
gmail.com
q982yeq23.xyz
t7763jykqeiy.com
hjruu.com
-
build
214085
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
Targets
-
-
Target
e0c7c3153dd109789ad5514078887443_JaffaCakes118
-
Size
149KB
-
MD5
e0c7c3153dd109789ad5514078887443
-
SHA1
7696b0d065ab5afde9f29d8857beebec0b5c3ca8
-
SHA256
4bc38f181b2d96f0a3a57f3f0b9167d57b0544eb0be6e4d1ede8bf55897a982e
-
SHA512
a9ad943b7430349b995d8ba7c57569e4d6a66ed62ebb5cfc471a54194423cc7d07d7d260715e33e28e825ae7274750d77a2d1f5a2047fc5fdfea9ca9b8ef5f09
-
SSDEEP
3072:tzaE7ZKrQMh/x8orIrUCic0PglqlsvARnj1N2Kl55D8ejI1AbWxS/Cau2lPX3LMB:ZaE4rQqlrIQL8Eh2KloesObWxS/TzMB
Score10/10-
Gozi
Gozi is a well-known and widely distributed banking trojan.
-