General

  • Target

    Trojan.Win32.Znyonm.zip

  • Size

    3.3MB

  • Sample

    231101-2eakdsdh4x

  • MD5

    0ad46ae9f67403df30297de3a0b9fdd4

  • SHA1

    c471d6769c23750eb9cda9a184997bbd5d330551

  • SHA256

    00ac0b1a194d63f9c35c12764ffb5ba8577c6980cc34d4cf86b486bf046671bd

  • SHA512

    3807b92dfa7dd68207c50c4eda8e6b9b0c67cabb0251f8da26ed70e87676d0be3dbefb60375ece8605f63410082cde9876e993f1286a388c712c59146163e67d

  • SSDEEP

    98304:DUzMcoL+bXhUdc1X2ibDkNfYBDIwfiiJ71OlgwB/dv:8f1bXWm17Dk29/J7vEVv

Score
10/10

Malware Config

Targets

    • Target

      Trojan.Win32.Znyonm.exe

    • Size

      5.5MB

    • MD5

      211c3aecddbb97738943a1d9471ba7c2

    • SHA1

      739cde98ae0761fb6e88fa548af75ea512631655

    • SHA256

      44083be323ff08f7d4291a4b13a983ba680e3a793db7bd123179378e39d2a31b

    • SHA512

      bae5ee49ae159167c0eae1dfc815a9039f85e2b4137f43dd6bd0dfa72d9cc82dac9796518bb4abf54e6b9c121c50d53e3eac8f28ab8bd71531a40db47ce253fd

    • SSDEEP

      98304:ThM4FP72iUsD1nMx7tHcCWQzWXMw5qOzV3Mr7jt4SNnVYm9GkAQ+qvkAKLpLjH9j:tJ1Yu1Mx7tHcdQzMljx3C6SDY/kAQ+rH

    Score
    10/10
    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Executes dropped EXE

    • Suspicious use of SetThreadContext