Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

53cef56507...20.exe

windows7-x64

10

53cef56507...20.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    53cef565077e1ba82825cd96017ff7e5d43ab9ba1ab9885d70fd129ec1f57020.exe

  • Size

    6.8MB

  • Sample

    240228-t64njsgf4v

  • MD5

    02b0a64fe2784c334a5a7d835b301c95

  • SHA1

    3a8eadba100c38378fbd0b3f22bad47a363fcdda

  • SHA256

    53cef565077e1ba82825cd96017ff7e5d43ab9ba1ab9885d70fd129ec1f57020

  • SHA512

    2d1b91593636c736faec83867c2688b65befd4357320ed8e5e903d09dd682b2626602eac6ff1b6fe13967a3f2dc30db8d4521a795d18e707f92d880d28f541bf

  • SSDEEP

    49152:wd1k+vecp3VHOr38IHn60Mel24xLxMPS1Abr8GsFTULqrfAOtf:wdpGcp3Qr8IHn44xIJbnef

Score
10/10
zgratratspyware

Malware Config

Targets

    • Target

      53cef565077e1ba82825cd96017ff7e5d43ab9ba1ab9885d70fd129ec1f57020.exe

    • Size

      6.8MB

    • MD5

      02b0a64fe2784c334a5a7d835b301c95

    • SHA1

      3a8eadba100c38378fbd0b3f22bad47a363fcdda

    • SHA256

      53cef565077e1ba82825cd96017ff7e5d43ab9ba1ab9885d70fd129ec1f57020

    • SHA512

      2d1b91593636c736faec83867c2688b65befd4357320ed8e5e903d09dd682b2626602eac6ff1b6fe13967a3f2dc30db8d4521a795d18e707f92d880d28f541bf

    • SSDEEP

      49152:wd1k+vecp3VHOr38IHn60Mel24xLxMPS1Abr8GsFTULqrfAOtf:wdpGcp3Qr8IHn44xIJbnef

    Score
    10/10
    zgratratspyware

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks