Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

NEAS.4fe6f...f4.exe

windows7-x64

1

NEAS.4fe6f...f4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.4fe6f4391fa535d402b0bd20632c1967dbec2b2e77848782b22c320a22f7b1f4.exe

  • Size

    1.4MB

  • Sample

    231111-nh348afc37

  • MD5

    a6c81a90d72b2ca218b6a74996f62e46

  • SHA1

    6ee3282f253d4c117b87c27519505e4b238079f4

  • SHA256

    4fe6f4391fa535d402b0bd20632c1967dbec2b2e77848782b22c320a22f7b1f4

  • SHA512

    411cfa2b0e13b844da6d0741e2bb8a27b854ff884b72b9cb493dfd3d1223bf1472e5b27a4441c182a9894751f03222e78f09d520beb1767160a56a8be603fadc

  • SSDEEP

    24576:US9nR7hC+aARWXVa5RZLVUIICx0TcoXicHVf+ppJ7W:VkiiCxjoBHVf+pT7W

Score
10/10
zgratrat

Malware Config

Targets

    • Target

      NEAS.4fe6f4391fa535d402b0bd20632c1967dbec2b2e77848782b22c320a22f7b1f4.exe

    • Size

      1.4MB

    • MD5

      a6c81a90d72b2ca218b6a74996f62e46

    • SHA1

      6ee3282f253d4c117b87c27519505e4b238079f4

    • SHA256

      4fe6f4391fa535d402b0bd20632c1967dbec2b2e77848782b22c320a22f7b1f4

    • SHA512

      411cfa2b0e13b844da6d0741e2bb8a27b854ff884b72b9cb493dfd3d1223bf1472e5b27a4441c182a9894751f03222e78f09d520beb1767160a56a8be603fadc

    • SSDEEP

      24576:US9nR7hC+aARWXVa5RZLVUIICx0TcoXicHVf+ppJ7W:VkiiCxjoBHVf+pT7W

    Score
    10/10
    zgratrat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks