General

  • Target

    23a41237b755ecfe16a2b79fff2b013fa51538799be415c74d53186c1596bee7

  • Size

    1.6MB

  • Sample

    240222-bd9pzshf2v

  • MD5

    c1593185065ee09700c89d8c4d12e170

  • SHA1

    29f47d63fda09f396fb0d2583b9ed687601ad207

  • SHA256

    23a41237b755ecfe16a2b79fff2b013fa51538799be415c74d53186c1596bee7

  • SHA512

    9105d70c84c8f5755b8328fa19e5d91cf82c218ca3ee3e94f9c3011e748939c392361294e02509a763a9fd482e35f297f49cca1cca69821187b69f2ca027c174

  • SSDEEP

    24576:4qDEvCTbMWu7rQYlBQcBiT6rprG8aIcrl35sh:4TvC/MTQYxsWR7aIc5Js

Targets

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in Visual Basic.

    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
