Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    d220fe663a310f232ac635ee7b9c1530N

  • Size

    163KB

  • Sample

    240910-b56gmssfkf

  • MD5

    d220fe663a310f232ac635ee7b9c1530

  • SHA1

    34fa3edef1a12b6294ece7c25552c3f766d2ec29

  • SHA256

    75fe3d0a85c93e7fbcd12b4da720a92e6d767891d688a2da2ac8df948fb50c33

  • SHA512

    6c9bcd7f07e2386541de70645ef06aefbe43eeaa78682c17c6d92a4fd9c0a1ad057a225179e731b492d37172cc4b9728c0e94db4bf5c7286fe9df66ad25dc9f4

  • SSDEEP

    1536:PN6JwSkk0aAlwJi/KzkYP5DUEcTWwlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:l6JwSkk9wWFPfMWwltOrWKDBr+yJb

Malware Config

Extracted

Family

gozi

Targets

    • Target

      d220fe663a310f232ac635ee7b9c1530N

    • Size

      163KB

    • MD5

      d220fe663a310f232ac635ee7b9c1530

    • SHA1

      34fa3edef1a12b6294ece7c25552c3f766d2ec29

    • SHA256

      75fe3d0a85c93e7fbcd12b4da720a92e6d767891d688a2da2ac8df948fb50c33

    • SHA512

      6c9bcd7f07e2386541de70645ef06aefbe43eeaa78682c17c6d92a4fd9c0a1ad057a225179e731b492d37172cc4b9728c0e94db4bf5c7286fe9df66ad25dc9f4

    • SSDEEP

      1536:PN6JwSkk0aAlwJi/KzkYP5DUEcTWwlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVU:l6JwSkk9wWFPfMWwltOrWKDBr+yJb

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks