General

  • Target

    97cbe0c1b1b41a02bb18739467ef9857

  • Size

    2.7MB

  • Sample

    240212-2m519sdf3t

  • MD5

    97cbe0c1b1b41a02bb18739467ef9857

  • SHA1

    e5a9aac6ba015349be34a9cf106b350525d3a7fa

  • SHA256

    df083dff37201bdb47d3fad95d98f3c197f950c6cbade2255d4a8a1fbe584349

  • SHA512

    c4a352fd282fc23b5ed3f3b96b50f449ed4057654e3aaa5c68f99700580a4269120cde1e32c00ff63e94d56daa31feafdf29e68d370445e68aaf4e057ca55bf5

  • SSDEEP

    49152:TwYiagLvcia0LOekq4PnSGe1fQjPj/vMEfF7UjXSerjXpswxgDlhYsup:f+Oekq4Pe9MPzvMwF7MXSYswH9p

Malware Config

Extracted

Family

gozi

Targets

    • Target

      97cbe0c1b1b41a02bb18739467ef9857

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
