General

  • Target

    SecuriteInfo.com.Trojan-Ransom.Win32.Zerber.gkca.4990.15640.exe

  • Size

    7.5MB

  • Sample

    241010-n2al1s1ann

  • MD5

    39274680f075dd14ef063eb67d8d7255

  • SHA1

    ae68156366cfaca06a0fce73ec694fbc0aa4dccd

  • SHA256

    41ecd979cc674d2a1189fde9da4899b13240154e9acb0e54cdd81e08624c2977

  • SHA512

    85b96a7be391c8271cf7997cea798f7b95567ae79842c29efb272f4ef957fae76a1dbddf5d77a0c6bfd8eb9efe10e1916e8d23759ea9ab98039b94cf9fd94c63

  • SSDEEP

    196608:eqwPbZzrIoA+gjWxug5xzPtIxY8unUAwnlzUP:yzycI4tIi1nUADP

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
