General

  • Target

    b843b704dd6690f5cc7a8a400674b054.exe

  • Size

    3.9MB

  • Sample

    231126-gbqf8afc6z

  • MD5

    b843b704dd6690f5cc7a8a400674b054

  • SHA1

    fec8571d6b9e1ae91e4cb0ff7d1a6477ff0888a9

  • SHA256

    fc07e1f14fe415abbf50144169406b444d1a70a06332892004d29e286da08f37

  • SHA512

    29f7e4bb063677f848ba45eb0e90dba542dceff1aa7c8a517d42645700545058fb6e507bc267678c0cc8c73d6f070f21e7d5bc78bd2540b5bd0384c0d4d3c2a3

  • SSDEEP

    98304:ySA5A5qQ2o3QCHp2IzQCI2qQv3zjb7iK3OPBOMVw/WBmCL:Vv5WUQC4IzQL21zjb7X3uQMVYzO

Targets

    • Target

      b843b704dd6690f5cc7a8a400674b054.exe

    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
