General

  • Target

    977a7994d9f57e5e2c9631ef923c65a4

  • Size

    5.3MB

  • Sample

    240212-sq9desaf78

  • MD5

    977a7994d9f57e5e2c9631ef923c65a4

  • SHA1

    928c65e945b458e91e0e7312ace38d481a1387d7

  • SHA256

    9a8b39f61b84aef85c96cd8bc02d1c940cea8624d4a4ab8f4adbd33ba6cc8059

  • SHA512

    018ffdbc3cedc19cf82aacd0f591a158439863ec67b9c619ee4cb389fb21e00cb04ee9278b8959274da10cbcba8a0e7d3e4e6bf4137721c451149bd0634938f3

  • SSDEEP

    98304:LW1DM0t15pCDQI0iDZga8W1j3M3FzMBkYTllyIQI0iDZga8W1j3:cb7CDFDC+Z3EF2kYTlkIFDC+Z3

Malware Config

Extracted

Family

gozi

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
