Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

loader_260...71.dll

windows7-x64

3

loader_260...71.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_4f0066b3a94a37a1bb9f13d4ad953b45b761635c0dac4418a8524deffa4c2bc0

  • Size

    38KB

  • Sample

    241222-yevzjswrgz

  • MD5

    aa7b507a69f9a65fc211cf821bfbbfb2

  • SHA1

    7dd8992663f8eb289eaaedbb52ce37cedc48106b

  • SHA256

    4f0066b3a94a37a1bb9f13d4ad953b45b761635c0dac4418a8524deffa4c2bc0

  • SHA512

    caf220a957e852e60aec5820ca9cf3c3ae509605ec269f300dd06766000ae84bd4ec215c0921b099ea4ef485e2859d71daa40070d5c6471d21edb8021b28be10

  • SSDEEP

    768:v6CNzUJvaQjxB72WPyBga0V59dcL7JFWGXKeYRzkcoyUeSzXd6IXB8H:v6SzGvaQjxcxgaUpcxFWGKedcoyUeqXa

Score
10/10
gozi8899discoveryisfb

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

8899

C2

msn.com/login

vloderuniok.website

gloderuniok.website
Attributes
  • base_path

    /jkloio/

  • build

    260212

  • dga_season

    10

  • exe_type

    loader

  • extension

    .lko

  • server_id

    12

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      loader_260212_3ce9df2272bb98916f215be5a0943ed0fc06f72eca3bed2385aacc7c1b4c6071

    • Size

      42KB

    • MD5

      f064bbc17ecabfe4d5122c24f64d1459

    • SHA1

      554e022ea2b52a679da260cf3fd799e90b4fed9e

    • SHA256

      3ce9df2272bb98916f215be5a0943ed0fc06f72eca3bed2385aacc7c1b4c6071

    • SHA512

      73585fac40c4b2046e7612348a3f3e8a78017b069cb05893135f8619394f219efa048d9b07590598207cfa3a9c8cabc53760cb794349d458216a444e80eb817b

    • SSDEEP

      768:8MLJUNFNJ0JvomDx/u8nCOzWej+iS61De+cOgW1FO0PU8g6J3o/lcWjIYE/b0Dcj:8ML6n0x1/uUCOzWeC3mi+cOgeFO0Yy48

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks