General

  • Target

    84df76d211bcbff43bbfca3f73f68cb0

  • Size

    5.3MB

  • Sample

    240131-trmrgsgcf4

  • MD5

    84df76d211bcbff43bbfca3f73f68cb0

  • SHA1

    45e91b8edd53241a08a4934d46244c8ada96276a

  • SHA256

    3e2990bd05057b4627048e0b77d1b93b1b017be67013a1e2c896605a8d115125

  • SHA512

    5632cc539f44ea2341f70bd06690f070a6a1d37fb5d38a01eafaa6abc2b09e60fe8bfccc67dcb9dff3f360b304a909740b8813c0cc703c10d3ca0a1d92b9e2bc

  • SSDEEP

    98304:jxEmSduucIVlXPuYuh9qN3+i40l6KNjuYuh9qN3+i:jxP2usdu6N3738Kbu6N37

Malware Config

Extracted

Family

gozi

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
