zgrat | bc678804ebeff79366ef7d358a1415e3be4e24e0c393b6481c0daddfd17d6546 | Triage

Submit
Reports

Overview

overview

Static

static

3

37451cdc75...3d.exe

windows7-x64

37451cdc75...3d.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

37451cdc75327254455ea7fdee01f93d
Size

1.7MB
Sample

231231-qcpezsfchl
MD5

37451cdc75327254455ea7fdee01f93d
SHA1

89774554eb8b82712688667e612c396a1d707bfc
SHA256

bc678804ebeff79366ef7d358a1415e3be4e24e0c393b6481c0daddfd17d6546
SHA512

2057e7951029bb8d1c1cca67407c24e97800d7d3d405e21bff12fec89861476772ab5cc0fe650f29942bf3ed7b8d61c56af832a3e4ce5b678a8dac6880895867
SSDEEP

49152:z2Tb0ZiXfdN12/9/Y7rR8nYB0WjZiWoaE:qAIPdN12/9/iRSYjZVE

Score

10^/10

zgrat rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

37451cdc75327254455ea7fdee01f93d.exe

Resource

win7-20231215-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

37451cdc75327254455ea7fdee01f93d.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  37451cdc75327254455ea7fdee01f93d
- Size
  
  1.7MB
- MD5
  
  37451cdc75327254455ea7fdee01f93d
- SHA1
  
  89774554eb8b82712688667e612c396a1d707bfc
- SHA256
  
  bc678804ebeff79366ef7d358a1415e3be4e24e0c393b6481c0daddfd17d6546
- SHA512
  
  2057e7951029bb8d1c1cca67407c24e97800d7d3d405e21bff12fec89861476772ab5cc0fe650f29942bf3ed7b8d61c56af832a3e4ce5b678a8dac6880895867
- SSDEEP
  
  49152:z2Tb0ZiXfdN12/9/Y7rR8nYB0WjZiWoaE:qAIPdN12/9/iRSYjZVE
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy