General

  • Target

    825f38f228876cedf14ee527d3ab2bfa

  • Size

    1.3MB

  • Sample

    240130-n35tjsgfbn

  • MD5

    825f38f228876cedf14ee527d3ab2bfa

  • SHA1

    4061aebc762a6d4fbb573dd0a216b510e5d4aad0

  • SHA256

    26aa32c1ba06c6df8de46cb502e60a953ad11c66d77e7dbcf69fa13de6d4f081

  • SHA512

    e465bed946a184d118b7475b51bd19c78aea4a31594d46851445a80871a2d05fb2e667f3bd6944da7839b546b1f32eff30b710eba683209a14640060dbfc2ed3

  • SSDEEP

    24576:XUKekN9aE6mj9cOpNxADt0Aqlvh1mgVIE9pvuKzqvIyZRgMUvG:ZekN9EmhTJQ2lvhjSE9pvXWvNZRgM

Malware Config

Extracted

Family

gozi

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
