Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
298b60803e55766b90d8e0137cd94518a3a00479c1c290c3910c1bc366d55a48
-
Size
4.9MB
-
Sample
240918-phk43s1fkp
-
MD5
b7ba455402be889ac3ae471387c4a0e9
-
SHA1
8198523e2c6f714102a6316bb824475cb508bae9
-
SHA256
298b60803e55766b90d8e0137cd94518a3a00479c1c290c3910c1bc366d55a48
-
SHA512
3746d991c438bc28aa5ea32f81b39121f9d527ea199c1a7d4e64718c5dcbdd9b91ba981bcee0a1619133f0719b59fc2679d4be8a7170c5d56a27151376059b2e
-
SSDEEP
98304:Db7A9aMnac9OyZ8DpCQdGWR+O/4vAXjU2lSBjlYh2grFZyNgnRC2b/BzM0DjGrCH:TRyEbgpR9ySBjGBkiR/P6O8neO3o
Malware Config
Extracted
gozi
Targets
-
-
Target
298b60803e55766b90d8e0137cd94518a3a00479c1c290c3910c1bc366d55a48
-
Size
4.9MB
-
MD5
b7ba455402be889ac3ae471387c4a0e9
-
SHA1
8198523e2c6f714102a6316bb824475cb508bae9
-
SHA256
298b60803e55766b90d8e0137cd94518a3a00479c1c290c3910c1bc366d55a48
-
SHA512
3746d991c438bc28aa5ea32f81b39121f9d527ea199c1a7d4e64718c5dcbdd9b91ba981bcee0a1619133f0719b59fc2679d4be8a7170c5d56a27151376059b2e
-
SSDEEP
98304:Db7A9aMnac9OyZ8DpCQdGWR+O/4vAXjU2lSBjlYh2grFZyNgnRC2b/BzM0DjGrCH:TRyEbgpR9ySBjGBkiR/P6O8neO3o
Score10/10-
Gozi
Gozi is a well-known and widely distributed banking trojan.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-