General

  • Target

    822035de1b664d11ff354507fdb73dcf

  • Size

    1.3MB

  • Sample

    240130-lvv82adee9

  • MD5

    822035de1b664d11ff354507fdb73dcf

  • SHA1

    640eab2448c11487f3d009e97de15fbdf11e71af

  • SHA256

    82cdb560110434788579f72862ad3d79f8523f6905e52997907aa20ff31af515

  • SHA512

    28a8ce8fa412880a9ae138f64ea3af474851465072baef2704df2cd54b8bf82de7dd66a046fe30e3392d9594c9ff44417142757133156dde488d212e7f74e730

  • SSDEEP

    24576:GjhDqAxg3PPix1qw6lhC84/dfzCznLli0GEWKN0OGXzgV/XjvwDdGJvG:IqIgPqiwN/BCzLs0aKNWX8V/Xjq

Malware Config

Extracted

Family

gozi

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
