General

  • Target

    878f7d021773cb207f12681452011fa6

  • Size

    5.3MB

  • Sample

    240201-wyarlsdhgk

  • MD5

    878f7d021773cb207f12681452011fa6

  • SHA1

    4d74127e562b75294c76510ff212168f9e6a4ef3

  • SHA256

    eeca0bac23665048b40230922afc2b84ecf4562be8c9429c8baefdf01ad9156d

  • SHA512

    8a5b37c66ea11fec545996111448101bc1dd554f243c576eeba5b2da997329c1336cef5f0d6e2e6f89e6b7b7b5727ad012d1265944b95152938606acf3b7e6b1

  • SSDEEP

    98304:KDIZe/XLRzXzgy4HY56jRjYpvsoEa7tFyEpyS0X4HY56jRjYpvp:KDT/XL5XT56jRbstFyEMB56jRC

Malware Config

Extracted

  • Family

    gozi

Targets

    • Target

      878f7d021773cb207f12681452011fa6

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

Tasks