General

  • Target

    7ea05bfd42da21ba835f8f3f01add45b

  • Size

    5.8MB

  • Sample

    240129-cr4xbshbfn

  • MD5

    7ea05bfd42da21ba835f8f3f01add45b

  • SHA1

    c2486d961a060085bdba6c62ccfc23be79eb71e1

  • SHA256

    ad93d15251be363e6794e5c3cf43b809ef96c154a9a2846626e519f485ad0401

  • SHA512

    f064edccfd38e522147db7b88c010b2c8584ca0dfbdada1f079dcbcc4b0f7daa75f34a05f9236d7ad75fd0b1e56477c86da9981c8d7e2f8459a357785df3ad9b

  • SSDEEP

    98304:r9aqq6StvZu3LV/gg3gnl/IVUs1jePsDdl3yM8lvOzqggg3gnl/IVUs1jePs:Aqq4vgl/iBiPgdl3boqqkgl/iBiP

Malware Config

Extracted

Family

gozi

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
