Overview

overview

10

Static

static

3

bdd3f500dc...92.exe

windows7-x64

10

bdd3f500dc...92.exe

windows10-2004-x64

10

bebbd564c9...88.exe

windows7-x64

10

bebbd564c9...88.exe

windows10-2004-x64

10

bee4228379...41.exe

windows7-x64

10

bee4228379...41.exe

windows10-2004-x64

1

bee428f2c0...6d.exe

windows7-x64

10

bee428f2c0...6d.exe

windows10-2004-x64

10

bfe2de8eba...26.exe

windows7-x64

10

bfe2de8eba...26.exe

windows10-2004-x64

10

c0051bd762...0a.exe

windows7-x64

10

c0051bd762...0a.exe

windows10-2004-x64

10

c10ce97e65...eb.exe

windows7-x64

10

c10ce97e65...eb.exe

windows10-2004-x64

7

c3577d14cd...0d.exe

windows7-x64

10

c3577d14cd...0d.exe

windows10-2004-x64

10

c6b464c901...f8.exe

windows7-x64

10

c6b464c901...f8.exe

windows10-2004-x64

10

c720da2df2...cd.exe

windows7-x64

7

c720da2df2...cd.exe

windows10-2004-x64

7

c7bdc5c45c...68.exe

windows7-x64

1

c7bdc5c45c...68.exe

windows10-2004-x64

1

c8276b980d...31.exe

windows7-x64

10

c8276b980d...31.exe

windows10-2004-x64

10

c99a0bb64c...c3.exe

windows7-x64

10

c99a0bb64c...c3.exe

windows10-2004-x64

10

cb4177d5af...5b.exe

windows7-x64

10

cb4177d5af...5b.exe

windows10-2004-x64

10

cdd187b140...fc.exe

windows7-x64

7

cdd187b140...fc.exe

windows10-2004-x64

7

cdf8661bfb...c1.exe

windows7-x64

10

cdf8661bfb...c1.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    190s
  • max time network
    209s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/11/2023, 13:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cdf8661bfba3b34c9c876c216db9bac1.exe

  • Size

    767KB

  • MD5

    cdf8661bfba3b34c9c876c216db9bac1

  • SHA1

    30dc311efcb113155f32b818b171e7e3ffa03b88

  • SHA256

    7bb1a4ceb5f46fa0a8313404d39bfe9838bd8ec84ee1d2f8ab9ddb41de92e8c4

  • SHA512

    d8acd7b9080991994883dfe414fc5af888c06cc86aee1a74802adb17a854d9e53ddfc1ddf625b94eccd936ca0c99b7574bca532a9152cc2ac9dfafd65b359afb

  • SSDEEP

    12288:WYIZYFeueRy5KPtlaA3OK4nwFpJaKdpkyoQGqUerMvcL7eiKEXqXdVFSZ2:BIZYFjkyYPtsAN4nwjJ/kvQRbK4qXdVF

Score
10/10
zgratrat

Malware Config

Signatures

  • Detect ZGRat V1 1 IoCs
  • ZGRat

    ZGRat is remote access trojan written in C#.

    ratzgrat

Processes

  • C:\Users\Admin\AppData\Local\Temp\cdf8661bfba3b34c9c876c216db9bac1.exe
    "C:\Users\Admin\AppData\Local\Temp\cdf8661bfba3b34c9c876c216db9bac1.exe"
    1⤵
      PID:4988

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4988-0-0x0000000074D70000-0x0000000075520000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/4988-1-0x0000000074D70000-0x0000000075520000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/4988-2-0x0000000000A00000-0x0000000000AC6000-memory.dmp

      Filesize

      792KB

      Download

    • memory/4988-3-0x0000000005D80000-0x0000000006324000-memory.dmp

      Filesize

      5.6MB

      Download

    • memory/4988-4-0x00000000058B0000-0x0000000005942000-memory.dmp

      Filesize

      584KB

      Download

    • memory/4988-5-0x0000000006330000-0x0000000006684000-memory.dmp

      Filesize

      3.3MB

      Download

    • memory/4988-6-0x0000000005AE0000-0x0000000005AF0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4988-7-0x0000000005A60000-0x0000000005A6A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/4988-8-0x0000000005B90000-0x0000000005B9C000-memory.dmp

      Filesize

      48KB

      Download

    • memory/4988-9-0x0000000005AE0000-0x0000000005AF0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4988-10-0x0000000000BC0000-0x0000000000BCC000-memory.dmp

      Filesize

      48KB

      Download

    • memory/4988-11-0x00000000014B0000-0x000000000153A000-memory.dmp

      Filesize

      552KB

      Download