General
- Target: 0ff1ba8b00c5a9cb74cbbddeb8d6ce1b.exe
- Size: 3.3MB
- Sample: 240311-t6321saf28
- MD5: 0ff1ba8b00c5a9cb74cbbddeb8d6ce1b
- SHA1: 58ff20ceb54d0f82e448da544d0a2abda5ac1a29
- SHA256: b01e636d6d097a9025ae2b20caa08aa9068690a78a42af4115cd8c4741910ef2
- SHA512: 6a80f5d9581efb84348b55f26ea8080d3d947b622f8f5266edd9834026347542270edd924be497b38bc40fab09e83d32bed1463504c3ac6b37587f816c8fd4d4
- SSDEEP: 98304:SQgr80abONjWZ2J1qfuj3niZ42mftWrzDw7VXIMfVFjD3pJcJpi:er80abMjx1JiSVQ41IMfLf
Static task: static1
Behavioral task: behavioral1
- Sample: 0ff1ba8b00c5a9cb74cbbddeb8d6ce1b.exe
- Resource: win7-20240221-en
Malware Config
Targets
- Target: 0ff1ba8b00c5a9cb74cbbddeb8d6ce1b.exe
- Size: 3.3MB
- Detect ZGRat V1
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.