General

  • Target

    35bc5afb894e68ded5623e057d4f6a93543c487bf1b6e3943e3f332c4dd16689

  • Size

    3.4MB

  • Sample

    231229-l2qxwsgdc4

  • MD5

    a94547769c3f9ce3594946f16d31ec16

  • SHA1

    7a2753ecc00244a55cca74527b264e7f18659daf

  • SHA256

    35bc5afb894e68ded5623e057d4f6a93543c487bf1b6e3943e3f332c4dd16689

  • SHA512

    6940ac5b321c62fc4f6c94d1f046e1238bf00ca9f0c27fab122af74241aa44c424745159c60e3053532db2698bdb922dca761f8bbff652fe8dad771aa1983178

  • SSDEEP

    98304:yaGGHdfWybAk/avUcqWSbTUzHW+XAWf7uXXx:JGedfWe/CvNqWSnXBI7unx

Score
10/10

Malware Config

Targets

    Score
    10/10
    • Detect ZGRat V1

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • ZGRat

      ZGRat is a remote access trojan written in C#.
