General

  • Target

    7db41b7644e0fd7510f32a4c43efde10

  • Size

    2.9MB

  • Sample

    240128-w7glhsfff6

  • MD5

    7db41b7644e0fd7510f32a4c43efde10

  • SHA1

    bc3dd55a2662ae6dd1b63d465a436d2885a2c8b7

  • SHA256

    2aa71cc7113d30f7d02ede3752d2a3213b52b592da50453f96cb448e50ade8d1

  • SHA512

    bad1f9ad285ca8604133cea6038f8149aa01386bcfb501944722cc9844d3bf41a8c21dcd287ab2e3988339989f4f908ecfc4d195f630058613dc7867b5046014

  • SSDEEP

    49152:6NVhjsqgrf5Ll4Gendbyws8QCIbVBQ+2/cP4M338dB2IBlGuuDVUsdxxjeQZwxP0:eV5cXT2dW7xDbVBQ+tgg3gnl/IVUs1jl

Malware Config

Extracted

Family

gozi

Targets

    • Target

      7db41b7644e0fd7510f32a4c43efde10

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
