General

  • Target

    Sentares Hack — копия.exe

  • Size

    3.9MB

  • Sample

    231012-hraldafa26

  • MD5

    c0d98ffe1c56cfc2a37d1c5458c60018

  • SHA1

    2595973f7a114f91f57112d6c9b4826692eb17fc

  • SHA256

    24471a5441763eca34eb78d690343b58468465c0c031a1ad3a7e71525d27fdcb

  • SHA512

    e548666738e8feba9da24a354f7243313629889cb99330dd2d6c501d1a1fa8ddaf7ff3a801b514b330190decd42820e448d87e0f3b642f86162941f3ab1fb8ee

  • SSDEEP

    49152:UBA230ehGn8Knv6swWrSUGIF183q2SbVhTtYqss8pjWFXRnRYrI2oWprZ+L:+L3hG8Kv69Wrl18q9bwU3RYwWhU

Score
10/10

Targets

    Score
    10/10
    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
