zgrat | 57e1f6b17381fa0659b19afdfa944a11205caae6556006f00bae5f6e39cb15d6 | Triage

Submit
Reports

Overview

overview

Static

static

3

a22f38c26d...13.exe

windows7-x64

a22f38c26d...13.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

1173a1f0469d241b02c1d57dc29cdf4d.bin
Size

623KB
Sample

231012-ndm77shb96
MD5

d132314714e0d128f630333b73ce57c7
SHA1

40f933e2c56183be21e47f3ac3ecc17a68d1c9a4
SHA256

57e1f6b17381fa0659b19afdfa944a11205caae6556006f00bae5f6e39cb15d6
SHA512

4c1790ef04493c730601361657e986cb96dbd76a7863653e4fe815ea4d9671359bb6811d8b3e0523d856fc2830b5e4a5545af864520acabe33cbac9ce9f69db3
SSDEEP

12288:aUOZ1Am9hZZN1v41EJIFdaMXsZtuA055zyk89HD+quCCSlSzhOyF+j7tza:anZ+m9hLv41EJEH8Z10DY9jbCSlkN0la

Score

10^/10

zgrat rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a22f38c26dc96fa285efd4c0732a22e9bb81b105ad65c75c609a478dd551ac13.exe

Resource

win7-20230831-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

a22f38c26dc96fa285efd4c0732a22e9bb81b105ad65c75c609a478dd551ac13.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  a22f38c26dc96fa285efd4c0732a22e9bb81b105ad65c75c609a478dd551ac13.exe
- Size
  
  628KB
- MD5
  
  1173a1f0469d241b02c1d57dc29cdf4d
- SHA1
  
  b789fd20e546ce3da045f30ae4ca5d02f260cc68
- SHA256
  
  a22f38c26dc96fa285efd4c0732a22e9bb81b105ad65c75c609a478dd551ac13
- SHA512
  
  ca7fa41e3fe0812231ffdaad853534327bbad987c31b7431debc17a2ee042fab1339d01d8a1ba5cc054248e4276337bf3cf770a6862fc001f36bc50af1934498
- SSDEEP
  
  12288:i8VYM4g/lRdZYbcyqeI9ZPH7H7sxIhDJsCeuR8mmTKfut:RB3RvGoJHEkNsPuKmmT
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy