General

  • Target

    9845aadc4b99341261b15d3128740e13

  • Size

    1.3MB

  • Sample

    240213-c52n5adb62

  • MD5

    9845aadc4b99341261b15d3128740e13

  • SHA1

    d8b16de37f07231eb0bcd35510df11de977d5680

  • SHA256

    2d5ba4959f927296c0b6c6739ece5a1abcd0ee3720d8d75b7b4d37657be8b7ab

  • SHA512

    126e76db0df70bc6a92f069362da76f7130f26fc0ed06368a9127104de57c7683c1a5a1ed18f52288b15b578cf8fb64ae90318b4b73450150cb36460b850f7e2

  • SSDEEP

    24576:HWfy5RcoNRK9tWxiLk8hPrwPDzkvAGG+AybvB+OOoLUL+Agm1eDS8U9/9Us:HZRtN+WELlMP3GbQbgnOR9j

Malware Config

Extracted

Family

gozi

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
