Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1e66433493d9aad550a2febe2433bd117129e968b055841c7ae1997369ac0511.exe
-
Size
694KB
-
Sample
240307-ckxvfaeb61
-
MD5
9bae6d3afb22e8f8c8aba60f652d55ec
-
SHA1
9d909c53191dad75c84c75067594bd470cf34dac
-
SHA256
1e66433493d9aad550a2febe2433bd117129e968b055841c7ae1997369ac0511
-
SHA512
c664c37247e6a5209581a6be63ced107d98937ba119ca6a2dec2bda9cfb48dea751083f0c4e86026fc9d05c2b5cb76a68375c90095d0491152b695678bccc992
-
SSDEEP
12288:tsQ4ZUXCJVkKs1Xx83mSsFhtFrnQbWWODTDBAYL/u5cvprvhrmYTl39521aV:todVknRxQBsFrFrnjtDT1AYL/Gkprvh3
Malware Config
Targets
-
-
Target
1e66433493d9aad550a2febe2433bd117129e968b055841c7ae1997369ac0511.exe
-
Size
694KB
-
MD5
9bae6d3afb22e8f8c8aba60f652d55ec
-
SHA1
9d909c53191dad75c84c75067594bd470cf34dac
-
SHA256
1e66433493d9aad550a2febe2433bd117129e968b055841c7ae1997369ac0511
-
SHA512
c664c37247e6a5209581a6be63ced107d98937ba119ca6a2dec2bda9cfb48dea751083f0c4e86026fc9d05c2b5cb76a68375c90095d0491152b695678bccc992
-
SSDEEP
12288:tsQ4ZUXCJVkKs1Xx83mSsFhtFrnQbWWODTDBAYL/u5cvprvhrmYTl39521aV:todVknRxQBsFrFrnjtDT1AYL/Gkprvh3
Score10/10-
Detect ZGRat V1
-
ZGRat
ZGRat is remote access trojan written in C#.
-
Detects executables packed with unregistered version of .NET Reactor
-
.NET Reactor proctector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-