General

  • Target

    82b3f14d3b08cb9b6e8e2abc35722981

  • Size

    2.7MB

  • Sample

    240130-16vh7sdgc7

  • MD5

    82b3f14d3b08cb9b6e8e2abc35722981

  • SHA1

    5da0064fba9aeb4565b2c7c1fa5cf1a7e14d824e

  • SHA256

    84cdfd7781c3ab9cb30b90bb36fa31d5c4a025ffce0d2cb8eacba0c3c86ef318

  • SHA512

    d6b322590f87766a070430bd6ace6ebde9cc706fd2355f5bc5aa7f2a809605dbeb3115afeaae5b4b643b6a558cc0e8a83d306aef167a54999eb60a5a0319364c

  • SSDEEP

    49152:5osORn3RWxbKIXF9nUiKjPN7agmdDT1ZgUbFYUWrMAYoR6RWrP2y/XYp:52n3RSbNDU7N+TdD59bFYEnoR6ywp

Malware Config

Extracted

Family

gozi

Targets

    • Target

      82b3f14d3b08cb9b6e8e2abc35722981

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
