Extracted

• • Target

    1d9afc3b06154312da8b0b9395e8fe7f

  • Size

    2.2MB

  • MD5

    1d9afc3b06154312da8b0b9395e8fe7f

  • SHA1

    20e0e67522ee702e9f5f32d44af685cfc8b56009

  • SHA256

    697414e831f2574b2dc65e397d2dddc2acca45c47890308750af5cccbb2d46a8

  • SHA512

    deee37c33efc3250990517bb633805cd7564bc9c5d20383576fdc76cbadb3486d916fcbf790738713e2bb0b6aee450ee84bfc2e8140704e8c72725ccab77d39e

  • SSDEEP

    49152:rpNxojZEgpJE8R7Wwlh78ebqNR9FGwQreXQ:rp7ojZhpJzRiwlhgsqvlYe

  Score

  10^/10

  zgratpersistenceratbitrattrojan

  • BitRAT

    BitRAT is a remote access tool written in C++ and uses leaked source code from other families.

    trojanbitrat

  • Detect ZGRat V1

  • Modifies WinLogon for persistence

    persistence

  • ZGRat

    ZGRat is remote access trojan written in C#.

    ratzgrat
  behavioral1behavioral2