General
- Target: d8a2d92eeedda7214767ae29df6fae9e8793f9207a26db3bd346af2d3d50cbca.exe
- Size: 3.5MB
- Sample: 240311-cvqh4sae3z
- MD5: 1b386f1c6ccf7750b146172492951092
- SHA1: fa4ebd833978504374bbf60ce568b5937ee60ed7
- SHA256: d8a2d92eeedda7214767ae29df6fae9e8793f9207a26db3bd346af2d3d50cbca
- SHA512: 0ea7a2560ba07013f37230a35695eacb72dbdfc85fbcacfda49a6cd71e10e2835f2670f70017f00942f329f86ae5a17433b8d4ea51a94ae9cbc983eed7cc356d
- SSDEEP: 98304:g1tWjfqEY30GmmBJgTnOgXO3DxtRQUFwX:g1tWjyETaJgTnOgXIxtqQw
Behavioral task: behavioral1
- Sample: d8a2d92eeedda7214767ae29df6fae9e8793f9207a26db3bd346af2d3d50cbca.exe
- Resource: win7-20240221-en
Malware Config
Targets
- Detect ZGRat V1
- Process spawned unexpected child process: This typically indicates the parent process was compromised via an exploit or macro.
- Detects executables packed with unregistered version of .NET Reactor
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE