purelogs | 3a646773608d252c2b742a0f4f74c061d4d282a090c1d39c973cbfe386f3b478 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

3a646773608d252c2b742a0f4f74c061d4d282a090c1d39c973cbfe386f3b478
Size

1018KB
Sample

231204-fjt9psha9v
MD5

eb71493b8c138d52c8baea7adaae0a22
SHA1

2ada7d8d3975bae525945b18275f6e7779fbab79
SHA256

3a646773608d252c2b742a0f4f74c061d4d282a090c1d39c973cbfe386f3b478
SHA512

d16b619badc3ebdf2961330bd4fdb6ccf63c16cbec3d8923f701aae82df66d935ff75ca74ecbae2edf6218f4363619bbb2be39a69f5072f589a2e6c16cea3b9c
SSDEEP

24576:b6dl6aVCGlaKNmzxXg6ipHKdyBnnjNd88L:uCa8GUKNmzxQGEd8I

Score

10^/10

purelogs zgrat persistence rat stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

3a646773608d252c2b742a0f4f74c061d4d282a090c1d39c973cbfe386f3b478.exe

Resource

win10v2004-20231130-en

purelogs zgrat persistence rat stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  3a646773608d252c2b742a0f4f74c061d4d282a090c1d39c973cbfe386f3b478
- Size
  
  1018KB
- MD5
  
  eb71493b8c138d52c8baea7adaae0a22
- SHA1
  
  2ada7d8d3975bae525945b18275f6e7779fbab79
- SHA256
  
  3a646773608d252c2b742a0f4f74c061d4d282a090c1d39c973cbfe386f3b478
- SHA512
  
  d16b619badc3ebdf2961330bd4fdb6ccf63c16cbec3d8923f701aae82df66d935ff75ca74ecbae2edf6218f4363619bbb2be39a69f5072f589a2e6c16cea3b9c
- SSDEEP
  
  24576:b6dl6aVCGlaKNmzxXg6ipHKdyBnnjNd88L:uCa8GUKNmzxQGEd8I
Score

10^/10

purelogs zgrat persistence rat stealer
- Detect PureLogs payload
- Detect ZGRat V1
- PureLogs
  PureLogs is an infostealer written in C#.
  stealer purelogs
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

purelogszgratpersistenceratstealer

© 2018-2025

Terms | Privacy