zgrat | 30c4f5d3a9bc4ea1c8dd362095d5621bb50403b1a592b83ee3d9c3658bd7a8d1 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

3da00651de...fb.exe

windows7-x64

3da00651de...fb.exe

windows10-2004-x64

Sharing

General

Target

3da00651de2aca0449afa220de5979fb
Size

636KB
Sample

240101-xncnwsade9
MD5

3da00651de2aca0449afa220de5979fb
SHA1

26b2f295887722e744b557cc8cf43e86c20f2450
SHA256

30c4f5d3a9bc4ea1c8dd362095d5621bb50403b1a592b83ee3d9c3658bd7a8d1
SHA512

7fecc95338d87dad376ecb6ec5f1a121e3ad1e1a50753c760fb5314713b9d0182f99a07227306ee5e5f592776ec530974de43da74e65abf6ca5509fa92022f0b
SSDEEP

12288:/4mHFQm2BOUamTo4NchWmdi0MgOSP0kIb/WU5Nxk:jWxHamToHW10MbSPuWG

Score

10^/10

zgrat rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3da00651de2aca0449afa220de5979fb.exe

Resource

win7-20231215-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

3da00651de2aca0449afa220de5979fb.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  3da00651de2aca0449afa220de5979fb
- Size
  
  636KB
- MD5
  
  3da00651de2aca0449afa220de5979fb
- SHA1
  
  26b2f295887722e744b557cc8cf43e86c20f2450
- SHA256
  
  30c4f5d3a9bc4ea1c8dd362095d5621bb50403b1a592b83ee3d9c3658bd7a8d1
- SHA512
  
  7fecc95338d87dad376ecb6ec5f1a121e3ad1e1a50753c760fb5314713b9d0182f99a07227306ee5e5f592776ec530974de43da74e65abf6ca5509fa92022f0b
- SSDEEP
  
  12288:/4mHFQm2BOUamTo4NchWmdi0MgOSP0kIb/WU5Nxk:jWxHamToHW10MbSPuWG
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy