Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

pct_free_i...00.exe

windows7-x64

10

pct_free_i...00.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    setup.zip

  • Size

    2.7MB

  • Sample

    231220-fyegssgdf9

  • MD5

    9494c2f1fa5cc1cba5543c278e4c07f6

  • SHA1

    53ed2bf21ed3858861a574d65f90828eeb0302a7

  • SHA256

    c12a928622888460689dbb5e4325f50643a6410800b7f956e4acbb58ad880f3a

  • SHA512

    b628f0a227c0ec5e911427a340b391b92a7514e35d3ec299734b2ffc4522c08306ed697ddaa93b061e90c213fabaca8da1d974499cdd9cb8812ece99e1c5b46a

  • SSDEEP

    49152:GrHol1+d82UvgvDtEXUdWQ4Mnit5ypt0quujBy+ZwxSinyvwds8M8:GLoPvmDtEE54ft5ypt27+exSiny4ZB

Score
10/10
lummazgratratstealer

Malware Config

Targets

    • Target

      pct_free_installer_20231219.1-100000.exe

    • Size

      2.8MB

    • MD5

      05eb05252788c2d1378ec2d801360cca

    • SHA1

      b90b65df0ef136a67d4c9dc7a3bf7a9c0d9b5375

    • SHA256

      8fdafd89fbea6d568a93eb957157c3fd795c9017f661973005d4ba91f661ebcb

    • SHA512

      361349a6735ff72d1409154c921af0c420c115b7f0f4cc620863e8165a1d388b5be0916e64bc113caf4d3972bd132ecaf342a6f9a21d5c8f8ccd81605a53d7cc

    • SSDEEP

      49152:bZC7YH8WUbAwrcgn8d8HMjF5srtQEw9H0+VCjyYcgn8d8HMy:bZC5brcg804F5srtQU+IjyYcg80/

    Score
    10/10
    lummazgratratstealer

    • Detect Lumma Stealer payload V4

    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks