General

  • Target

    95be18d77580bcc6a619e07fdbaa612e

  • Size

    5.8MB

  • Sample

    240212-ajgeysdb2v

  • MD5

    95be18d77580bcc6a619e07fdbaa612e

  • SHA1

    c83772e0dea82008d7caad2bc65726ff4b08c24b

  • SHA256

    90d4c0161bf9476c744e48643f782306e38e832a0dec793e60be2f5442a9763d

  • SHA512

    1b323ff331f07536126924c3381cc77f717d7b5d8f11817e387ec7071bbb5b21f2082cc072c6ef240fc4b4feb44d34249b6ab004ea93aaacffdb8ce7b3d5d4bc

  • SSDEEP

    98304:ve7wDF+Cf4HBUCczzM3nzyrpi5blfPm8b4HBUCczzM3:vuwxaWC7IpSVj0WC

Malware Config

Extracted

Family

gozi

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
