General

  • Target

    96f6737e503c59e21fb20a6d52a571be

  • Size

    5.3MB

  • Sample

    240212-msdfwabc6y

  • MD5

    96f6737e503c59e21fb20a6d52a571be

  • SHA1

    de6d20469f12ac96e697854b1015823c7d4589e2

  • SHA256

    547f1d26fb48ddfe7804fce88ff4480776c1ec83e5e6279514996c2e0405210b

  • SHA512

    74757e02777df6770b88314f85668c575a80f2e2f72f3d80c1ce90a0f74d9deaf345fc7acdf16a85d2516fcddfb4e6124735dc34c68910db2cbe7bea580ece28

  • SSDEEP

    98304:/cO6DDhWAzJHVRGst2HAutVBGubFAHTYTEAioDixihHVRGst2HAutVBGubFAHj:30FJ9zXtsAutVlZAzYgAioDiYzXtsAu8

Malware Config

Extracted

Family

gozi

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
