General

  • Target

    960fa5935476e6fce5542912c57e4301

  • Size

    2.7MB

  • Sample

    240212-dfct5saf2y

  • MD5

    960fa5935476e6fce5542912c57e4301

  • SHA1

    0b89040eb4d77d39c6554ccca7eb7d574b5aae94

  • SHA256

    eccded5bae97d375cb00523238d3d688df33fe1fccdcd9e1af0973f2fdd3f6fa

  • SHA512

    d240c001b9c7e533b4616f032064cffc38121dfb60bbfab49a5e3686114e39237250a7f1fd65c75a9aed1f3731a19cae0d74397a5f9225b31bd451362b32503e

  • SSDEEP

    49152:OpOOJSFqB4nx9cdUBw7WEvIN3ztG/H4/jnOYplIQLnBw:tOJSFqB4x9djeINhCgnO6V

Malware Config

Extracted

Family

gozi

Targets

    • Target

      960fa5935476e6fce5542912c57e4301

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
