Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

0a0df93ba3...ab.exe

windows7-x64

10

0a0df93ba3...ab.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0a0df93ba37270e35a35daaf3c1b1eab.exe

  • Size

    1.6MB

  • Sample

    240314-at2tmsea4w

  • MD5

    0a0df93ba37270e35a35daaf3c1b1eab

  • SHA1

    20dfdfae4e2caab0c7baf06769de0b5ab8f3bc8d

  • SHA256

    74d236fe36375d9089df6ecc439bf91f291c89e241e1158e4752dc1dca4b1f66

  • SHA512

    6c1dcba5b35ae2da76bb4b9b77cfdafce9f6a2255165f30f53927f5aac1dc4647d2d96becd930a6d9ac6c3fb205b48baf48b6e80feb7f29b4806c28f559b2ec8

  • SSDEEP

    24576:1tHAOAiXfNN3gP1PLIaf+z21zQsr1z+JC+fBb1y9VAuhz43U:/gOpN41zXZ1N8JCIb09VAuV4

Score
10/10
zgratrat

Malware Config

Targets

    • Target

      0a0df93ba37270e35a35daaf3c1b1eab.exe

    • Size

      1.6MB

    • MD5

      0a0df93ba37270e35a35daaf3c1b1eab

    • SHA1

      20dfdfae4e2caab0c7baf06769de0b5ab8f3bc8d

    • SHA256

      74d236fe36375d9089df6ecc439bf91f291c89e241e1158e4752dc1dca4b1f66

    • SHA512

      6c1dcba5b35ae2da76bb4b9b77cfdafce9f6a2255165f30f53927f5aac1dc4647d2d96becd930a6d9ac6c3fb205b48baf48b6e80feb7f29b4806c28f559b2ec8

    • SSDEEP

      24576:1tHAOAiXfNN3gP1PLIaf+z21zQsr1z+JC+fBb1y9VAuhz43U:/gOpN41zXZ1N8JCIb09VAuV4

    Score
    10/10
    zgratrat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks