Behavioral task: behavioral1
Sample: 89c497d0127c669b86a52a5c6833b25c.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 89c497d0127c669b86a52a5c6833b25c.exe
Resource: win10v2004-20231215-en
General
Target: 89c497d0127c669b86a52a5c6833b25c
Size: 5.3MB
MD5: 89c497d0127c669b86a52a5c6833b25c
SHA1: 642634f79cd2db7f0caab3d5786608ad85cee4c8
SHA256: fd58415e0d71d7cb35d07cd6739d51f6cb486c11c37067dd2fe549fb2e9f0df8
SHA512: 7bcd05a1a6525cc09f3d01a67081c05de60a93d8afee3a8847fd1025ce933ccd338fbaa9ddb19d2c888eacd2c5be996cf9ac5362476fd25b9b84b47b789565ca
SSDEEP: 98304:9TXID5b9tsHnH8Keka3IAwWyk9HvCocbnuXADG266fH8Keka3IAwWyk9Hj:xXIDp9advS9lPCoGuAi266fdvS9lD
Malware Config
Extracted
gozi
Signatures
Files
89c497d0127c669b86a52a5c6833b25c.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 3.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 141KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE