Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7e264ee2ab069a92bef6e19ab517e411271370ca5140b3441b833ac36763fef7

  • Size

    448KB

  • Sample

    240417-pltkmaeg24

  • MD5

    1325b50b632883a239fe24c69fbad286

  • SHA1

    a468fd15ebda14c6cab408d1729f5283569255f8

  • SHA256

    7e264ee2ab069a92bef6e19ab517e411271370ca5140b3441b833ac36763fef7

  • SHA512

    47b35e8575a37bbc4c4b5eedbc75b29ef8f71757f72c350b9af3ee6919e983ee0d23d33d47b38674920326404842d1c515007cab7a50e0ac128238ec39faa14e

  • SSDEEP

    6144:cBhXgx3LCH+23nsIQ5IW4KjUTycThlDfERZsywz+FF:cX83L2ntPLKATyc/SrPFF

Score
10/10
stealczgratratstealer

Malware Config

Targets

    • Target

      7e264ee2ab069a92bef6e19ab517e411271370ca5140b3441b833ac36763fef7

    • Size

      448KB

    • MD5

      1325b50b632883a239fe24c69fbad286

    • SHA1

      a468fd15ebda14c6cab408d1729f5283569255f8

    • SHA256

      7e264ee2ab069a92bef6e19ab517e411271370ca5140b3441b833ac36763fef7

    • SHA512

      47b35e8575a37bbc4c4b5eedbc75b29ef8f71757f72c350b9af3ee6919e983ee0d23d33d47b38674920326404842d1c515007cab7a50e0ac128238ec39faa14e

    • SSDEEP

      6144:cBhXgx3LCH+23nsIQ5IW4KjUTycThlDfERZsywz+FF:cX83L2ntPLKATyc/SrPFF

    Score
    10/10
    stealczgratratstealer

    • Detect ZGRat V1

    • Stealc

      Stealc is an infostealer written in C++.

      stealerstealc

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks