zgrat | f05efbb159feb10d96e61a020a3cd22736ffbb096decd683a03c3445df5c5d44 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

f05efbb159feb10d96e61a020a3cd22736ffbb096decd683a03c3445df5c5d44
Size

1.7MB
Sample

231016-fllqcabf9w
MD5

031c1c644a831931aa5040d5fa4b3e59
SHA1

01e542f520d43d27607f6d257523e3e25afa8d54
SHA256

f05efbb159feb10d96e61a020a3cd22736ffbb096decd683a03c3445df5c5d44
SHA512

9ecc6cdf1f7d0eaa670a518eba914022fd4f3a086eb2da9ad3218ea069f907dda84c0d075ad3aa1691f4379822b6a1e9dc6636b8535b22a86154b80d48a85787
SSDEEP

24576:rQa+rRep38knZGbO4oFya8ZbRxaiXvnEc3Suvb7sNPwEFfTPCRi4Vz:rZ+rRe3zn4ioa8ZbRMiXO07sNPwERWV

Score

10^/10

zgrat rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

f05efbb159feb10d96e61a020a3cd22736ffbb096decd683a03c3445df5c5d44.exe

Resource

win7-20230831-en

windows7-x64

12 signatures

300 seconds

Behavioral task

behavioral2

Sample

f05efbb159feb10d96e61a020a3cd22736ffbb096decd683a03c3445df5c5d44.exe

Resource

win10-20230915-en

windows10-1703-x64

12 signatures

300 seconds

Malware Config

Targets

- Target
  
  f05efbb159feb10d96e61a020a3cd22736ffbb096decd683a03c3445df5c5d44
- Size
  
  1.7MB
- MD5
  
  031c1c644a831931aa5040d5fa4b3e59
- SHA1
  
  01e542f520d43d27607f6d257523e3e25afa8d54
- SHA256
  
  f05efbb159feb10d96e61a020a3cd22736ffbb096decd683a03c3445df5c5d44
- SHA512
  
  9ecc6cdf1f7d0eaa670a518eba914022fd4f3a086eb2da9ad3218ea069f907dda84c0d075ad3aa1691f4379822b6a1e9dc6636b8535b22a86154b80d48a85787
- SSDEEP
  
  24576:rQa+rRep38knZGbO4oFya8ZbRxaiXvnEc3Suvb7sNPwEFfTPCRi4Vz:rZ+rRe3zn4ioa8ZbRMiXO07sNPwERWV
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy