Overview

overview

10

Static

static

3

NEAS.3cedd...7e.exe

windows7-x64

1

NEAS.3cedd...7e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.3cedd61842d8ecbe2edce64e0f129a7e.exe

  • Size

    1010KB

  • Sample

    231117-s5knlsbe3x

  • MD5

    3cedd61842d8ecbe2edce64e0f129a7e

  • SHA1

    d7b988a61b9a470206d71d908400716d3446e6c4

  • SHA256

    ce83b8a87827462b0c1d4e5c388b2d27481e2a9eb49f398ca5e3a658a23e64db

  • SHA512

    29f56157ea2b9ef7af31a9f804c8a471687e2f3142f049ce3df30d2dc04219c518d518a0d6c3872da54eef2ce435304fa92146a7f59c846c7c7b54f46c15ba06

  • SSDEEP

    24576:RDJYK8E4HV8NdeSJ17nytoLNGk8e1HNP9+pYy295NGnFb+oHxRX5x9:RDJT8rVAdVytWMQkYy29vuFjP

Score
10/10
zgratrat

Malware Config

Targets

    • Target

      NEAS.3cedd61842d8ecbe2edce64e0f129a7e.exe

    • Size

      1010KB

    • MD5

      3cedd61842d8ecbe2edce64e0f129a7e

    • SHA1

      d7b988a61b9a470206d71d908400716d3446e6c4

    • SHA256

      ce83b8a87827462b0c1d4e5c388b2d27481e2a9eb49f398ca5e3a658a23e64db

    • SHA512

      29f56157ea2b9ef7af31a9f804c8a471687e2f3142f049ce3df30d2dc04219c518d518a0d6c3872da54eef2ce435304fa92146a7f59c846c7c7b54f46c15ba06

    • SSDEEP

      24576:RDJYK8E4HV8NdeSJ17nytoLNGk8e1HNP9+pYy295NGnFb+oHxRX5x9:RDJT8rVAdVytWMQkYy29vuFjP

    Score
    10/10
    zgratrat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks