Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

fdc4abf2e1...18.exe

windows7-x64

10

fdc4abf2e1...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fdc4abf2e1c2e105b0fa96ccfc96a9b1_JaffaCakes118

  • Size

    811KB

  • Sample

    240420-1534ysbh4x

  • MD5

    fdc4abf2e1c2e105b0fa96ccfc96a9b1

  • SHA1

    4cff46ba63bf0437bc3e64107ca175ce09b5dc8e

  • SHA256

    db095ae406f75b62e5d37408aa744fa4373249383b377a391bb31b551f095dd7

  • SHA512

    251382140f53f9d6ba7f421cff7a2edb899d36c7b7f4857614f93101e9abd2b3aa27dc1a8bc6f5361c58e66ce99a14aa5587b37c2fbe16d2fcb8aa304f40aea8

  • SSDEEP

    12288:9VLFvth+w7GodQpbelTL3P8oDP/qDHNmzkmx61RVvriwUE47DRC3QVfF62Ud:9vv/Nv+kTTVPaHFmIBv7IfR8Qo

Score
10/10
zgratrat

Malware Config

Targets

    • Target

      fdc4abf2e1c2e105b0fa96ccfc96a9b1_JaffaCakes118

    • Size

      811KB

    • MD5

      fdc4abf2e1c2e105b0fa96ccfc96a9b1

    • SHA1

      4cff46ba63bf0437bc3e64107ca175ce09b5dc8e

    • SHA256

      db095ae406f75b62e5d37408aa744fa4373249383b377a391bb31b551f095dd7

    • SHA512

      251382140f53f9d6ba7f421cff7a2edb899d36c7b7f4857614f93101e9abd2b3aa27dc1a8bc6f5361c58e66ce99a14aa5587b37c2fbe16d2fcb8aa304f40aea8

    • SSDEEP

      12288:9VLFvth+w7GodQpbelTL3P8oDP/qDHNmzkmx61RVvriwUE47DRC3QVfF62Ud:9vv/Nv+kTTVPaHFmIBv7IfR8Qo

    Score
    10/10
    zgratrat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks