General

  • Target

    815003b0ec2b19d22ba15c002b2d277c

  • Size

    5.8MB

  • Sample

    240130-bdjtkafhbn

  • MD5

    815003b0ec2b19d22ba15c002b2d277c

  • SHA1

    995e9a08d9045f5137235b886faebcf1251458ea

  • SHA256

    88f6d42f1b8245c640f84bab6755be8827c3d149f2a9043d190c98312679fa7e

  • SHA512

    6ea7623c430fa8e795ebf82fa5c276ef32b672c7296f1ea9a8212e90a9d152d34ba5640ebbf8f0fa12017e0cd097f5620454bcdebb1d6a3937d2059e5a17f019

  • SSDEEP

    98304:feOF9x7ewqIHau42c1joCjMPkNwk6vTb7UFQYELizw2ETpHau42c1joCjMPkNwk6:mSVfqKauq1jI86jUFQYELizEJauq1jIH

Malware Config

Extracted

Family

gozi

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
