General

  • Target

    96eb2a0e0b984a2620132158566d3604

  • Size

    5.3MB

  • Sample

    240212-mcaeaaag9t

  • MD5

    96eb2a0e0b984a2620132158566d3604

  • SHA1

    16a467d8066e3092288f1bc397cd0e63433cb678

  • SHA256

    760d8b0e7564d1224fc1f8019d5e55c572ef4eb7c9bca55c4be7eadc1c4263f4

  • SHA512

    d47d981ab1fb55c575a8e9618fccc84db3f47b178472e176877546a41c283f4dfa017ea00ffe7c38722233aa95e8dc04de090e206a1d6053ffcfc308f08bbb1b

  • SSDEEP

    98304:iioak3lqnkDbH4mk7vTbIvHXLfLReit+vH4mk7vTbIvHj:K8nubYmGXm3LfN2YmGXmD

Malware Config

Extracted

Family

gozi

Targets

    • Target

      96eb2a0e0b984a2620132158566d3604

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
