Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    e8c50e1ab136227a4ef046397f413118d48115c559dc5bc2ed4969b4754d92b7

  • Size

    1.3MB

  • Sample

    240203-b2ymmadhg3

  • MD5

    5d762b6b02a088d09c6c5376f2a45110

  • SHA1

    a178a3968678e68efa5ab44f2343971670fdc10c

  • SHA256

    e8c50e1ab136227a4ef046397f413118d48115c559dc5bc2ed4969b4754d92b7

  • SHA512

    77af03fb2ad4ea5993f719be031debfee8a5b7956d8c50b4c755a25ad41297f83d1a2e1835b21b136e42eaedbc6f2c2d20400c49d1500b4d3552ff402a43826f

  • SSDEEP

    24576:vAHnh+eWsN3skA4RV1Hom2KXMmHan8QnGDLRKbhLBDU+iI3+85:Sh+ZkldoPK8Ya8QnGDLRcLhLiId

Malware Config

Targets

    • Target

      e8c50e1ab136227a4ef046397f413118d48115c559dc5bc2ed4969b4754d92b7

    • Size

      1.3MB

    • MD5

      5d762b6b02a088d09c6c5376f2a45110

    • SHA1

      a178a3968678e68efa5ab44f2343971670fdc10c

    • SHA256

      e8c50e1ab136227a4ef046397f413118d48115c559dc5bc2ed4969b4754d92b7

    • SHA512

      77af03fb2ad4ea5993f719be031debfee8a5b7956d8c50b4c755a25ad41297f83d1a2e1835b21b136e42eaedbc6f2c2d20400c49d1500b4d3552ff402a43826f

    • SSDEEP

      24576:vAHnh+eWsN3skA4RV1Hom2KXMmHan8QnGDLRKbhLBDU+iI3+85:Sh+ZkldoPK8Ya8QnGDLRcLhLiId

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in visual basic.

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks