General

  • Target

    83a09271b45d7ea507347edf6d0db0dd

  • Size

    2.9MB

  • Sample

    240131-gnsr4sedhl

  • MD5

    83a09271b45d7ea507347edf6d0db0dd

  • SHA1

    0676c7c21e82da30ff62fdffc9f0d368bd8d003c

  • SHA256

    47eb1c786b2cb01a46e90387970ad9d57408f6b0f25ad3bba59b5d00b46e0fef

  • SHA512

    60dc890346882b8e8d01e00a246262ee0799a49e530bb572b5f93bbf49f51141fb92d242a04027b999277d03c1b9b6c1d41d0c04b838a275d14446c66184305b

  • SSDEEP

    49152:h3frdQhujp1f4OkHpiCIH974P4M338dB2IBlGuuDVUsdxxjeQZwxPYRKs:h3fSh+rpCIx4gg3gnl/IVUs1jePs

Malware Config

Extracted

Family

gozi

Targets

    • Target

      83a09271b45d7ea507347edf6d0db0dd

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
