Overview

overview

10

Static

static

10

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    fe61068f944cc553a881a49ef3fe93c3d401a4f260b4c46c0cd32e068f7e9457

  • Size

    1.7MB

  • Sample

    231126-2k6vsach45

  • MD5

    db3f486cc02bdc8210504ade5316da4b

  • SHA1

    451a4a8d2b644163423137aa0764cf1427ac5949

  • SHA256

    fe61068f944cc553a881a49ef3fe93c3d401a4f260b4c46c0cd32e068f7e9457

  • SHA512

    0e920c383c79f9a285423ea034a81bdb5e11d9ea0b3116d070f58875d51368136adc2a69b82d09cb8f2dac674d5db72dcadbf8522a39c9fe5ac221cefdc3a08e

  • SSDEEP

    24576:rQa+rRep38knZGbO4oFya8ZbRxaiXvnEc3Suvb7sNPwEFfTPCRi4Vz:rZ+rRe3zn4ioa8ZbRMiXO07sNPwERWV

Score
10/10
zgratrat

Malware Config

Targets

    • Target

      fe61068f944cc553a881a49ef3fe93c3d401a4f260b4c46c0cd32e068f7e9457

    • Size

      1.7MB

    • MD5

      db3f486cc02bdc8210504ade5316da4b

    • SHA1

      451a4a8d2b644163423137aa0764cf1427ac5949

    • SHA256

      fe61068f944cc553a881a49ef3fe93c3d401a4f260b4c46c0cd32e068f7e9457

    • SHA512

      0e920c383c79f9a285423ea034a81bdb5e11d9ea0b3116d070f58875d51368136adc2a69b82d09cb8f2dac674d5db72dcadbf8522a39c9fe5ac221cefdc3a08e

    • SSDEEP

      24576:rQa+rRep38knZGbO4oFya8ZbRxaiXvnEc3Suvb7sNPwEFfTPCRi4Vz:rZ+rRe3zn4ioa8ZbRMiXO07sNPwERWV

    Score
    10/10
    zgratrat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks