Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

6bb1fc39a7...72.exe

windows7-x64

10

6bb1fc39a7...72.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6bb1fc39a710a20d4bd7779731e0a972

  • Size

    12.7MB

  • Sample

    231226-nvd1vsffc4

  • MD5

    6bb1fc39a710a20d4bd7779731e0a972

  • SHA1

    12b64c61fe8208acef248ec8e29fdad3bbf90758

  • SHA256

    ed1d9fc091189331d57eba3193aa865680c155c2f1d846ca8a408c70edda8e8d

  • SHA512

    6b4b2dd220cd376d9117dd88cb4ceb406148c1cbb42dfa3955d68e33c38e29021f03ff64887b3b4877fe8158a5a63140ba8f9247274f607ccaa54b79225c9b96

  • SSDEEP

    49152:lD6jEjcV5chDISveiY6gDosgTsraT8q7u7jhQFjlRYHK8t54cZ1kZccahMPonhzM:pTOeuLFGiJ3P0

Score
10/10
zgratratupx

Malware Config

Targets

    • Target

      6bb1fc39a710a20d4bd7779731e0a972

    • Size

      12.7MB

    • MD5

      6bb1fc39a710a20d4bd7779731e0a972

    • SHA1

      12b64c61fe8208acef248ec8e29fdad3bbf90758

    • SHA256

      ed1d9fc091189331d57eba3193aa865680c155c2f1d846ca8a408c70edda8e8d

    • SHA512

      6b4b2dd220cd376d9117dd88cb4ceb406148c1cbb42dfa3955d68e33c38e29021f03ff64887b3b4877fe8158a5a63140ba8f9247274f607ccaa54b79225c9b96

    • SSDEEP

      49152:lD6jEjcV5chDISveiY6gDosgTsraT8q7u7jhQFjlRYHK8t54cZ1kZccahMPonhzM:pTOeuLFGiJ3P0

    Score
    10/10
    zgratratupx

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • NirSoft WebBrowserPassView

      Password recovery tool for various web browsers

    • Nirsoft

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks