Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

5

ros88477566tyyfh.exe

windows7-x64

10

ros88477566tyyfh.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ros88477566tyyfh.exe

  • Size

    986KB

  • Sample

    240212-n6erjaed77

  • MD5

    72d6251a4815e987ed734c5143773782

  • SHA1

    a2090227c03e4b034d2304f547c0b2117cf8a06f

  • SHA256

    2f252c0eac5c48177618c5aa351f6fe40105c25ffae42ca0e844c8543d06d768

  • SHA512

    a4d969918292ffe8d8c2daff7521a418b806311c353458c083eb0789b3d7f2baf9bffc8282101ce98f6923e5ad2d73c59a48a83f7880cf31b13b2e1ce4eda49a

  • SSDEEP

    24576:pRmJkcoQricOIQxiZY1iaUGb8fbMxwkrzzUCP3fkDyGS:mJZoQrbTFZY1iaUGb8fbMuyH

Score
10/10
agentteslazgratkeyloggerratspywarestealertrojan

Malware Config

Targets

    • Target

      ros88477566tyyfh.exe

    • Size

      986KB

    • MD5

      72d6251a4815e987ed734c5143773782

    • SHA1

      a2090227c03e4b034d2304f547c0b2117cf8a06f

    • SHA256

      2f252c0eac5c48177618c5aa351f6fe40105c25ffae42ca0e844c8543d06d768

    • SHA512

      a4d969918292ffe8d8c2daff7521a418b806311c353458c083eb0789b3d7f2baf9bffc8282101ce98f6923e5ad2d73c59a48a83f7880cf31b13b2e1ce4eda49a

    • SSDEEP

      24576:pRmJkcoQricOIQxiZY1iaUGb8fbMxwkrzzUCP3fkDyGS:mJZoQrbTFZY1iaUGb8fbMuyH

    Score
    10/10
    agentteslazgratkeyloggerratspywarestealertrojan

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in visual basic.

      keyloggertrojanstealerspywareagenttesla

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks