zgrat | 36216f13d2670aadc24589c4810c4ef62e9370a4e3cf05f8015b1beb5e0c4a63 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

506761d4ae...27.exe

windows7-x64

506761d4ae...27.exe

windows10-2004-x64

Sharing

General

Target

506761d4ae9aa7134c001c7f0b7b4827.exe
Size

590KB
Sample

231121-ebl3paca44
MD5

506761d4ae9aa7134c001c7f0b7b4827
SHA1

45b12d344817ca14e1f630da7f624b2093e7728d
SHA256

36216f13d2670aadc24589c4810c4ef62e9370a4e3cf05f8015b1beb5e0c4a63
SHA512

6989bed145db2b4397a3f6b76a5be58b102270ed94ac42c7914cfe17c916bd6779b8575f6a0e39d7f8a18343dcd5579f5f72a759b873c453e85d6314dd217d63
SSDEEP

12288:I2kEUbOlK2wyuxkVT0qIGk7TeO7Ii2amedllsEqUbBm+wsSqRhxMuTw1gk:I2QLyVwRGkf7Ii8eLuzekcGuTc

Score

10^/10

zgrat rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

506761d4ae9aa7134c001c7f0b7b4827.exe

Resource

win7-20231023-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

506761d4ae9aa7134c001c7f0b7b4827.exe

Resource

win10v2004-20231020-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  506761d4ae9aa7134c001c7f0b7b4827.exe
- Size
  
  590KB
- MD5
  
  506761d4ae9aa7134c001c7f0b7b4827
- SHA1
  
  45b12d344817ca14e1f630da7f624b2093e7728d
- SHA256
  
  36216f13d2670aadc24589c4810c4ef62e9370a4e3cf05f8015b1beb5e0c4a63
- SHA512
  
  6989bed145db2b4397a3f6b76a5be58b102270ed94ac42c7914cfe17c916bd6779b8575f6a0e39d7f8a18343dcd5579f5f72a759b873c453e85d6314dd217d63
- SSDEEP
  
  12288:I2kEUbOlK2wyuxkVT0qIGk7TeO7Ii2amedllsEqUbBm+wsSqRhxMuTw1gk:I2QLyVwRGkf7Ii8eLuzekcGuTc
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy