Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

553ad97838...21.exe

windows7-x64

10

553ad97838...21.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    553ad97838dd7b357b5da543905b2abccd26e8d28d2a9557a0e3e443e4122521.exe

  • Size

    425KB

  • Sample

    240424-bvntvadf6w

  • MD5

    809d01b41db7759e37fcbdcc7b12f924

  • SHA1

    d25989473ba57ccdcad24579252510ef1c4a3351

  • SHA256

    553ad97838dd7b357b5da543905b2abccd26e8d28d2a9557a0e3e443e4122521

  • SHA512

    7282bbe7ce14659db70eb3396e2efc99bd41da965bbd30c9aa5888c534eff76f6a0c3be21542730d04ea803155eb92378ab5e6dd525b9ebab6f4d01d76ac7395

  • SSDEEP

    6144:Q5aN2Vntc5AZgFculbmTyNdviCkR0ybsQM4PJirrxGP1dY1Bu/fF:caNyqZKre/iL0ywQLBirrQNP/fF

Score
10/10
stealczgratratstealer

Malware Config

Targets

    • Target

      553ad97838dd7b357b5da543905b2abccd26e8d28d2a9557a0e3e443e4122521.exe

    • Size

      425KB

    • MD5

      809d01b41db7759e37fcbdcc7b12f924

    • SHA1

      d25989473ba57ccdcad24579252510ef1c4a3351

    • SHA256

      553ad97838dd7b357b5da543905b2abccd26e8d28d2a9557a0e3e443e4122521

    • SHA512

      7282bbe7ce14659db70eb3396e2efc99bd41da965bbd30c9aa5888c534eff76f6a0c3be21542730d04ea803155eb92378ab5e6dd525b9ebab6f4d01d76ac7395

    • SSDEEP

      6144:Q5aN2Vntc5AZgFculbmTyNdviCkR0ybsQM4PJirrxGP1dY1Bu/fF:caNyqZKre/iL0ywQLBirrQNP/fF

    Score
    10/10
    stealczgratratstealer

    • Detect ZGRat V1

    • Stealc

      Stealc is an infostealer written in C++.

      stealerstealc

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Detects encrypted or obfuscated .NET executables

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks