zgrat | 4592c4585d662c266a84016c91bd6cea368c51d467a985a22cb14f71f3f5d5c7 | Triage

Submit
Reports

Overview

overview

Static

static

3

0727ab0b9d...11.exe

windows7-x64

0727ab0b9d...11.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

0727ab0b9ded99f5dedfd6203f574111
Size

2.1MB
Sample

231229-3mfxtabbd5
MD5

0727ab0b9ded99f5dedfd6203f574111
SHA1

58eb40d2c4ca79af5e5b6df1f1c441843f8c5b8c
SHA256

4592c4585d662c266a84016c91bd6cea368c51d467a985a22cb14f71f3f5d5c7
SHA512

e38e963246d0ff0842ae9c0a13454699bfb094e57681a3d1de543d279dd0b61f933aa6caf44eff57a20bf8dd8a0afe7ee38da53c074db076329c99b2fd01451d
SSDEEP

49152:A2sffjuMZX0CoAMSe3JTimD/Ymv+gdCrmbBI05ik4G3nvHBFtST:A2szuUF/e3JTVzN+gkKbik4OTs

Score

10^/10

zgrat rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0727ab0b9ded99f5dedfd6203f574111.exe

Resource

win7-20231129-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

0727ab0b9ded99f5dedfd6203f574111.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  0727ab0b9ded99f5dedfd6203f574111
- Size
  
  2.1MB
- MD5
  
  0727ab0b9ded99f5dedfd6203f574111
- SHA1
  
  58eb40d2c4ca79af5e5b6df1f1c441843f8c5b8c
- SHA256
  
  4592c4585d662c266a84016c91bd6cea368c51d467a985a22cb14f71f3f5d5c7
- SHA512
  
  e38e963246d0ff0842ae9c0a13454699bfb094e57681a3d1de543d279dd0b61f933aa6caf44eff57a20bf8dd8a0afe7ee38da53c074db076329c99b2fd01451d
- SSDEEP
  
  49152:A2sffjuMZX0CoAMSe3JTimD/Ymv+gdCrmbBI05ik4G3nvHBFtST:A2szuUF/e3JTVzN+gkKbik4OTs
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy