Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

c124f00908...8e.exe

windows7-x64

10

c124f00908...8e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c124f00908309cd17feca68030e5d58e.exe

  • Size

    3.6MB

  • Sample

    240127-g515tageck

  • MD5

    c124f00908309cd17feca68030e5d58e

  • SHA1

    7b3b43803a22887c780e545d1b480d56c573819d

  • SHA256

    975033d24044a83505ee98f9f3b857e114ccb5f6179db6dce90804af911eea8f

  • SHA512

    8df041a00ae350f74e12e91a6b6050ab0b64a45c3606b483fe2f43a4c9a2ad35e09a6aab9da4a73fb70bf21c84d4e3dc230aa52cfeff884eabd8ff5434356e05

  • SSDEEP

    98304:CQAY9x3ZQXzWyzoYqxL24dUVOOFHxKf0/0sa:CQAYvpQXr8Yqx3dunqcs

Score
10/10
zgratrat

Malware Config

Targets

    • Target

      c124f00908309cd17feca68030e5d58e.exe

    • Size

      3.6MB

    • MD5

      c124f00908309cd17feca68030e5d58e

    • SHA1

      7b3b43803a22887c780e545d1b480d56c573819d

    • SHA256

      975033d24044a83505ee98f9f3b857e114ccb5f6179db6dce90804af911eea8f

    • SHA512

      8df041a00ae350f74e12e91a6b6050ab0b64a45c3606b483fe2f43a4c9a2ad35e09a6aab9da4a73fb70bf21c84d4e3dc230aa52cfeff884eabd8ff5434356e05

    • SSDEEP

      98304:CQAY9x3ZQXzWyzoYqxL24dUVOOFHxKf0/0sa:CQAYvpQXr8Yqx3dunqcs

    Score
    10/10
    zgratrat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks