General

  • Target

    7e264ee2ab069a92bef6e19ab517e411271370ca5140b3441b833ac36763fef7

  • Size

    448KB

  • Sample

    240417-pltkmaeg24

  • MD5

    1325b50b632883a239fe24c69fbad286

  • SHA1

    a468fd15ebda14c6cab408d1729f5283569255f8

  • SHA256

    7e264ee2ab069a92bef6e19ab517e411271370ca5140b3441b833ac36763fef7

  • SHA512

    47b35e8575a37bbc4c4b5eedbc75b29ef8f71757f72c350b9af3ee6919e983ee0d23d33d47b38674920326404842d1c515007cab7a50e0ac128238ec39faa14e

  • SSDEEP

    6144:cBhXgx3LCH+23nsIQ5IW4KjUTycThlDfERZsywz+FF:cX83L2ntPLKATyc/SrPFF

Score
10/10

Targets

    Score
    10/10
    • Detect ZGRat V1

    • Stealc

      Stealc is an infostealer written in C++.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE
