General

  • Target

    7e960fc95614afe05ee344efc466f9e8

  • Size

    5.8MB

  • Sample

    240129-cfkdjsfeb5

  • MD5

    7e960fc95614afe05ee344efc466f9e8

  • SHA1

    de68c3ebe6bcba26772ecc0fef51337d010d45a5

  • SHA256

    0a82865f818cdee6480e119d0ddf73b4615955435876e5a68b7b057dd1523ca7

  • SHA512

    071c87fda1d018e761ac32a020b749fdf75bc391a4c9ad6a3230451b34609ae91f77c6b13f01940017a7e2fb18b65bef8c5e8e7240e57af4291d0a33a8307e84

  • SSDEEP

    98304:WSYJktlGQZaXhP5a9UEI+eG9jAkbkR79D+cVItGQZaXhP5a9UEI+eG:yqFGhRaaCkN9qHGhRa

Malware Config

Extracted

Family

gozi

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
