General

  • Target

    Pacote_20240507_C2921731.zip

  • Size

    130.3MB

  • Sample

    240508-rpxskaba72

  • MD5

    e9fd76339dcea832952b510fe1e98ab2

  • SHA1

    8398c6abe6125531052733ec38e8fe92088221bd

  • SHA256

    0e111fd35d15d2b284e9d94d67aa97af1df6fe73e41e22529f0326c5f811db7c

  • SHA512

    0815ab440b71e69d872dbb0f61531df09ea72b44308cb239a4587ebbe8cb70ec06ae736a84349360b87f9250d64ff4749f2a411fbf773178c8fc41671d6d3bda

  • SSDEEP

    3145728:3qq7WQyNfaGvz+MNVEfeeG8Xm1pXJdbbCwrrkUB93JdbZT:3mQyE67kWelXm5pb5TZpZT

Score
10/10

Malware Config

Targets

    • Target

      AvisoCobranca.exe

    • Size

      66KB

    • MD5

      d64b1432895d8518b29187556c6677d6

    • SHA1

      632e2cc126ad144eef3c3e4b804ba8e2fb67ed40

    • SHA256

      727008de4a36996ce2a59db428c23aee9e95cfeb2226c780f4dfef2e9357da8e

    • SHA512

      59563592bc59d8dfef2afed99333935f9689ebc2c9f04734008f71956056b25bf781513b4ae906ccf5eb0e8c87eaffb5002993b30fe4954a927ed8dc1da3ba4e

    • SSDEEP

      1536:z2kIq3dVrtBtzVHdPyQ6QTJWJ1+7MqmFdaKZWrP/53KxbfniE/5AAyt630:3Iq3dVX6ChrIRnisytw0

    Score
    10/10
    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Target

      BaixaCnab.exe

    • Size

      167KB

    • MD5

      41607f695606d94bd05bbcad789169f6

    • SHA1

      ee3f31ea53af0b4c6ccbefce7a5a499a16ae8dc9

    • SHA256

      8c2f65255efe842f8e325accc6b506478c62c7269c3a1099c5e8ec3cb1df7b42

    • SHA512

      57d9fcaee548bc9d039c5621897a9e5d61e9d3d3937016fcb2cfadc104747398b6a6b429c2bf0376449aac9aa7d7ae089c0759ce38253ce1015fa93b30059a71

    • SSDEEP

      3072:QZuq+bkHPcgZ/7e0X0FrpEBSOGnMNd3H:bbkV/7e0kFrQSdM

    Score
    10/10
    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Target

      BarcodeLib.dll

    • Size

      105KB

    • MD5

      dd7292592c98bd617a5f657a27dd87c7

    • SHA1

      32e53a440418b3198412654c83e7ce1e3594e41e

    • SHA256

      37f5dcbee2690d4b226a7054bd65edb40bb0bb1fe3caa8792c2e2073b0aec412

    • SHA512

      a592484eb6b8fc64b5884926cee9b023572f81aea33a6df1bcfda3773e31c752abc738c475af03afca9f8b88288c16f942b6652e99f24c8d29aa13926770dd48

    • SSDEEP

      3072:liZMdaDEBxQWg6pnanSSbVmMPhPPmeuPeuUV9oLXvIUP/SqlPB5sqBTxvNeE3eeu:li+dZe6

    Score
    1/10
    • Target

      BoletoDiario.exe

    • Size

      117KB

    • MD5

      b37820404ab0bf417712006e74bf4f7a

    • SHA1

      e9ca485b8940bc583f00ed3e048c18d0b954c54c

    • SHA256

      46478b71ace178a2fe340b93c44cf262d0c7edf41fac9406d2360abce15fb267

    • SHA512

      ff1a45dda2f821cf08c332dce86183ad649f797f75b0bdd1e44ef6c84bb0e42babfb6497cc9f2d8b01d53ac4461a574136a9910140cdafcd64b8c6eb3f5197c7

    • SSDEEP

      1536:RD1TM625P+kj+cClr2FEKqKefB6VjnvWDmkOXLwkQgMRdTtQQU9ZWjaSz4q:IQm+z6eyjv2mkOXLwkeRdbBz4q

    Score
    10/10
    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Target

      cadastro/chatPalavraChave.aspx

    • Size

      9KB

    • MD5

      bfd276fe31d1644812522fcaea9dde39

    • SHA1

      200cd6ec6d6fd8e51bd7626ba838da63530e9172

    • SHA256

      73d06a8fce2006a1772b6fce4b8be57bc90317e48cf4627e0ebf5025dfa77c2f

    • SHA512

      7b4b669e99ea1d0679b405913f705a4362d6e5098789d48384fe9b36c4e2d6c12f53a4a148f02f401a4424db548c699a5ed98307a8c11cf338c81bbacbfade8a

    • SSDEEP

      192:jqgf8hnT1tmTfLwlmWsxqLfig9z1EjbIbUblW67qNabdbNuu8m878cezyf:21lT6LLwl2qL79z1EjbIbUb37qNabdbC

    Score
    3/10
    • Target

      cadastro/configuracao.aspx

    • Size

      8KB

    • MD5

      70da86d0e5677a1f8ca380faf3628dfc

    • SHA1

      16840e796a54e2fd37d0bd7e5763517ce706a8a6

    • SHA256

      b04d441c1a0e66baca5967f6efdac80ba543f3c63079f67318f2d55119f5f68f

    • SHA512

      1fa85f3460848f4dd1c39026c285eec387d01da8ba07fa2513f4e92e895a5cef398f55729c8bdb11718c94d217f9476fcf748310f0ccb597029114f098cf8b09

    • SSDEEP

      96:j/dsDSWD9kqCQz+VbQBFZjQGnw2iYGULiv59bm9bZC9bI9bjsV9bE29bN9MUMzC3:j1sDSWDuqFV1Mo5rwWA

    Score
    3/10
    • Target

      ckeditor/plugins/uicolor/yui/yui.js

    • Size

      115KB

    • MD5

      0745b22e2a0df9fb001c33eb19dd9615

    • SHA1

      53a0f09648c4b38d3580547497999d67fae44036

    • SHA256

      6337ddf8ed765ac9463458b5877d0c54e592dc729c6688331b9896ab4a1c57dd

    • SHA512

      f0f20833fc7ffed278a946dad43222315b4480f3ff60480bf444c33bd7f51361fc8589872085bf869f1bec3cb10ae4671d802354e82d25bbb4f86a2d56c61a2f

    • SSDEEP

      3072:wUw3JGd4QjhNzp5/qN+OGkJnXd1oE2IHlSpY7P9GXLK9Cgi8:wUw3JGdvSN3GkJnXd1oxeSpY79

    Score
    3/10
    • Target

      ckeditor/plugins/wsc/dialogs/ciframe.html

    • Size

      1KB

    • MD5

      520b9beb2d3b0184e7ba21172261df57

    • SHA1

      b2a61129e2395a9e7c7b122ee3812b9a587fbab3

    • SHA256

      afe9369f3374b01b90814a7d2db5ae6ddf3ac6c66f50d01023699b66c58b817c

    • SHA512

      5ba2ab84ce3a56f03f72199b446ebcf238290b9606a2632eb9ef467aa3d33e203767fb49751a233da459582e99765ec9b0fcd16c74d0cc2bca1ac070cf290c01

    Score
    1/10
    • Target

      ckeditor/plugins/wsc/dialogs/tmpFrameset.html

    • Size

      1KB

    • MD5

      cc4e887260a0c8632e0758b34c3cb979

    • SHA1

      3315b8b6f2fc1b66ab2b4bb5f6e52a2817fd8a07

    • SHA256

      52b39519d34638a7220c0fee78ccba0ba9d35852a47ad24cf4753fabf1fd7a28

    • SHA512

      b8ac9aa6d1216e67e1502b85bed530b40e74568b0f24b46c820400cf3a74350daee480c84dd287f5a7c6276f3668b480b1727926694d604b7a670ec222cb404a

    Score
    1/10
    • Target

      ckeditor/plugins/wsc/dialogs/wsc.js

    • Size

      3KB

    • MD5

      be9bf71bdcf8b676561e9e5332c9dbde

    • SHA1

      c0ec11c569ef753320d33862e00aa7b8dd1ab0ef

    • SHA256

      efc9cae1a87eca7fb54795190fac3ab38e5eb1e9b99456f385c0f2c83aad01ac

    • SHA512

      cade7730e16dac1c7d2f6b6a0802bbba247e61cbb744ec9fb4afb646d7f5898132f08f3b1aa7c41ae78f88e20abcfd3c823a27b12c62e19e7747b0cbb677c42b

    Score
    3/10
    • Target

      ckeditor/plugins/xml/plugin.js

    • Size

      1KB

    • MD5

      cdaccf65f7f9d929dca2037ed8d67725

    • SHA1

      7cacb465f99eb0158af6cb83fe1b0bd043ef25db

    • SHA256

      eadfe74e9da0288c085970577aaa2f070d31a21c22e919d574387b3c339a72aa

    • SHA512

      f9f8ff347a6e765bf0f5cfa03d1f9c4b25c59125550b21e066e0a24b4d81a2a67d19e5f58efd68cdabe9553e0b1b83bd5ddbb329f0639e205e1bcdc046cd5967

    Score
    3/10
    • Target

      ckeditor/skins/kama/skin.js

    • Size

      3KB

    • MD5

      17f3d3cd182c90c7d12a4a8a2a61dc9b

    • SHA1

      c230676ed63a57d5ef99efe0aa4b4596a3a025cb

    • SHA256

      97e257ae7814a0660859e48cd498ded8a115503a981cb7345708140a712dfd60

    • SHA512

      b02295a59de4cf4dd394c359ded08b67a8925907c121fe42b069e508c7e38f56afb8a9bdb2e017164d02e1d5a2132beacdd0be690fe3a25f0d4a6064cf680e5b

    Score
    3/10
    • Target

      ckeditor/skins/office2003/skin.js

    • Size

      1024B

    • MD5

      2f9df23eafa14444cfb55c93ba511162

    • SHA1

      68e6647ce6a3a8dc9997493d2be08ad8c01904b9

    • SHA256

      52099a1eb07875b31d529a4a54a86c0f3a4bb4a3874253053fda16f3e590665d

    • SHA512

      b1ffc81418d0b7cf5a850fbc39acdcbae5af66e78dc6255d239094c19bc96b33fc87908a4924651aa537f8020afbe04f61dd7a470610e38b5a1fd2595fc5ceb4

    Score
    3/10
    • Target

      ckeditor/skins/v2/skin.js

    • Size

      953B

    • MD5

      9b67b423d5b51faf54d6d058328eebea

    • SHA1

      82fb9baf53758865f2185baa8e2216a9231d5f60

    • SHA256

      beca07c12bf2166d7def6b7deeae8efc1f5a8fe01d1277c9641fa1fc4b31bcbf

    • SHA512

      1013ad0f6fb0343f1eeca4d461a70b03fbac72bdcefb6a76df732ae31565b04948b56a539b6c23540e52dbd6b10f6ec3c2bf80ef8e47354204602979ad5a65c0

    Score
    3/10
    • Target

      ckeditor/themes/default/theme.js

    • Size

      6KB

    • MD5

      bfd95034aa257600f8f0a3566cf6473f

    • SHA1

      81b12367f87bc0bd2739b59026777004967b4b28

    • SHA256

      00356012b8af1db7ceef6a1e13296cfdfab5392dfc1164aa545ed5905a99e90f

    • SHA512

      8fad69d823e77a718258cab08e6292a9e8b0407761aba4965c43965007958c6217d28050a640025960c3024cf9b791bd89c3e447095430b7b92da105f2ee0621

    • SSDEEP

      192:ixk9SpeeewDldyqv5WyowNQxlmTSjBx5BtTMVH4JD42yX7:W0weee5qv5LojmTS35Bt+1

    Score
    3/10
    • Target

      discador/Atto/atto.aspx

    • Size

      8KB

    • MD5

      1ab22731adfe838b0ea404f57c7f53d4

    • SHA1

      bd2e719e6cee8e08612fec40e15d6fa68a407ea1

    • SHA256

      ba561fc5e1d506cf4effc741ac82c15c860eb31d9290504b705ea222d8a0c833

    • SHA512

      d6215ebfe9d7ba6988599413043cc20e9f8e8daa3acccdf654cd6622eb4e291f30223a80ae050bf506c0e46f58ad6ee0ebb1a56068c6ba5f247d518581346913

    • SSDEEP

      96:j/eLIoo2DQ1LDtzMhdXUozTuGhRikZBbSmKW7OCA8DSZDqDYbTbAyV:jeIGUgzSQ/B7jA8DSZDqDYPH

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

static1

zgrat
Score
10/10

behavioral1

zgrat rat
Score
10/10

behavioral2

zgrat rat
Score
10/10

behavioral3

zgrat rat
Score
10/10

behavioral4

zgrat rat
Score
10/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
3/10

behavioral8

zgrat rat
Score
10/10

behavioral9

execution
Score
3/10

behavioral10

execution
Score
3/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

execution
Score
3/10

behavioral20

execution
Score
3/10

behavioral21

execution
Score
3/10

behavioral22

execution
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

execution
Score
3/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

execution
Score
3/10

behavioral32

execution
Score
3/10