General
Target: SRTWARE LOADER V2.zip
Size: 908KB
Sample: 240224-jebtcaeb5x
MD5: 1ffd3a69bd5820e9ab192b595714b997
SHA1: 24a4a07544a8720112695f284f571e8cb9e0e118
SHA256: 96996e79693217c967f9a62a997a53137b4b712c9419b7c6cdff2ee8851d7a4a
SHA512: 5d0a862672259e4e97cf381f7d89f452fe5b155110685ed7ae9af402f2608aeabe81957d0e13a7f7584398d0dbc8acc4c472a973f8d651ed73d128cbdcc5c151
SSDEEP: 24576:WYR7aOu4WokDYN/rqO/mmakEnjwiK/3npzwslGrcm4IU:XVaV4Jk0NTqERKnRK/Zzw6Gr8t
Static task: static1
Behavioral task: behavioral1
Sample: SRTWARE LOADER/Loader.exe
Resource: win10v2004-20240221-en
Malware Config
Targets
Target: SRTWARE LOADER/Loader.exe
Size: 18KB
MD5: de864db51c37274b514bf755e32dbbaf
SHA1: 1c61b7eee7e0251551208b70dd76a8e3c67f14c6
SHA256: 1a2e8e921618fb0fd4507fc6b56ed172318812116d99bc551ec4e9e416282393
SHA512: bdb9913fe990a964040567a9752107921e28668bd78c5e59900ea05d007c6b2a1b4acd8ce69f53abf9ae4e15b7b2eeba72205db25ed81be1f6b38c789807f902
SSDEEP: 384:N9fBKvt6ozbwRMGk79jle1eOLQLw36gSrOT9HcZZn0:NRBKvt6V/k7SkqQn5pL0
Score: 10/10
- Detect ZGRat V1
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Creates new service(s)
- Downloads MZ/PE file
- Stops running service(s)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Suspicious use of SetThreadContext