Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
89e3c2f8356295b60460eff9511785df.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
89e3c2f8356295b60460eff9511785df.exe
Resource
win10v2004-20231215-en
General
-
Target
89e3c2f8356295b60460eff9511785df
-
Size
5.3MB
-
MD5
89e3c2f8356295b60460eff9511785df
-
SHA1
bed20d36520eee011c5d182684867f780bce3fbe
-
SHA256
71610eaec0ee95d261d3442df7c6ef81b37f8b53227066b9367954ff3970f9ef
-
SHA512
992c0788d0bd97ad4d8364c403f1f6eef4adffca5555781a237005983bd6fd85a7c6b6a607f2341562d9b92b6ba16194fe1ffedf521ed40f92d23b8ca5eb78f6
-
SSDEEP
98304:b9H0pN4r8ViVXHQPQNcSaHy7To1XoBtfHBHQPQNcSaHj:ZH0pm8Vg7Nta/1itfHB7NtaD
Malware Config
Extracted
gozi
Signatures
Files
-
89e3c2f8356295b60460eff9511785df.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 3.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 141KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE