Overview

overview

10

Static

static

10

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    04502eabc1a8c299a1c3f55240157ac479208c8dd3e2c72dba6dcf2dce47ef23

  • Size

    1.7MB

  • Sample

    231126-17n3tacf3s

  • MD5

    de2568624e12490eb38aff5ff9cf11b0

  • SHA1

    f6e7a28cfa3379d32864076be10ee492f301bedd

  • SHA256

    04502eabc1a8c299a1c3f55240157ac479208c8dd3e2c72dba6dcf2dce47ef23

  • SHA512

    69820bedf8ba408a8aca93dc8ca4ec7dc4895767f6d668a1454748cb87b318ccb7ad6c31a56788d2dc3683217ccc9bbfc14379d2aad3240ebafc4cd741840b54

  • SSDEEP

    24576:rQa+rRep38knZGbO4oFya8ZbRxaiXvnEc3Suvb7sNPwEFfTPCRi4Vz:rZ+rRe3zn4ioa8ZbRMiXO07sNPwERWV

Score
10/10
zgratrat

Malware Config

Targets

    • Target

      04502eabc1a8c299a1c3f55240157ac479208c8dd3e2c72dba6dcf2dce47ef23

    • Size

      1.7MB

    • MD5

      de2568624e12490eb38aff5ff9cf11b0

    • SHA1

      f6e7a28cfa3379d32864076be10ee492f301bedd

    • SHA256

      04502eabc1a8c299a1c3f55240157ac479208c8dd3e2c72dba6dcf2dce47ef23

    • SHA512

      69820bedf8ba408a8aca93dc8ca4ec7dc4895767f6d668a1454748cb87b318ccb7ad6c31a56788d2dc3683217ccc9bbfc14379d2aad3240ebafc4cd741840b54

    • SSDEEP

      24576:rQa+rRep38knZGbO4oFya8ZbRxaiXvnEc3Suvb7sNPwEFfTPCRi4Vz:rZ+rRe3zn4ioa8ZbRMiXO07sNPwERWV

    Score
    10/10
    zgratrat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks