General

  • Target

    98e2a9a5e0c84e21cfb7c7755ef6494a

  • Size

    4.8MB

  • Sample

    240213-js4fhsed23

  • MD5

    98e2a9a5e0c84e21cfb7c7755ef6494a

  • SHA1

    d5ea3f1eec0d4ca8502da84a62b425d89d919bc5

  • SHA256

    61a60f637baad4c61f7fccde7c22e591c90e1b9af270e9d0e1608c1b4931f0e1

  • SHA512

    4dce36888de72518549c7ac42556bfff7b3af3ed45bc774dc267c0af129a7dc332dac24d10fb5c39bb43d885e20a1dc545bb81653a2f26dbba100ba37b31e5f6

  • SSDEEP

    98304:pQLEgg3gnl/IVUs1jn79BdDl72Q8nN6Pgg3gnl/IVUs1jr:0Qgl/iB3xDl72rn6gl/iBP

Malware Config

Extracted

  • Family

    gozi

Targets

    • Target

      98e2a9a5e0c84e21cfb7c7755ef6494a

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
