Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

f0cac64f05...18.exe

windows7-x64

10

f0cac64f05...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f0cac64f05b82671a4a017b28e068c95_JaffaCakes118

  • Size

    6.2MB

  • Sample

    240415-l12m1abg26

  • MD5

    f0cac64f05b82671a4a017b28e068c95

  • SHA1

    33bdcdd99fa21689c3c1184fb8d2db349969d90a

  • SHA256

    a97671649737d422f75174f478319bf45d3dca1e29f022a01a865bfeab14c5e4

  • SHA512

    33b379683ef5267e9d4f15b8eff87989f732bf6e48106ec1b1f4bc52877815182c9af92ff25c7ddfeed571497b49abf59fbcc44b251b3bf778cdd803b76da0a1

  • SSDEEP

    196608:fe4GLZhOxmiUZwt/zIKpMD1HytNYZjDbWpHqy:W4GLZg3UZY+SHKnWYy

Score
10/10
zgratrat

Malware Config

Targets

    • Target

      f0cac64f05b82671a4a017b28e068c95_JaffaCakes118

    • Size

      6.2MB

    • MD5

      f0cac64f05b82671a4a017b28e068c95

    • SHA1

      33bdcdd99fa21689c3c1184fb8d2db349969d90a

    • SHA256

      a97671649737d422f75174f478319bf45d3dca1e29f022a01a865bfeab14c5e4

    • SHA512

      33b379683ef5267e9d4f15b8eff87989f732bf6e48106ec1b1f4bc52877815182c9af92ff25c7ddfeed571497b49abf59fbcc44b251b3bf778cdd803b76da0a1

    • SSDEEP

      196608:fe4GLZhOxmiUZwt/zIKpMD1HytNYZjDbWpHqy:W4GLZg3UZY+SHKnWYy

    Score
    10/10
    zgratrat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks