Overview

overview

10

Static

static

10

D3C4575E32...69.exe

windows7-x64

10

D3C4575E32...69.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    D3C4575E325D9B2EA4375BE6AE184469.exe

  • Size

    3.7MB

  • Sample

    240103-hm1xrsehc5

  • MD5

    d3c4575e325d9b2ea4375be6ae184469

  • SHA1

    dba82c40924a219234c29c7ab7d6da4e715c8aa2

  • SHA256

    e065974b0db0079fcc57cf5d209fa267c852772a58a68cee307a72c91d382a8e

  • SHA512

    75d19580269523c1eedbcf3079c6bd15dd4848d212e81028af1a7363927153451b3d579dd5f158df787edd246a9fcc18f7b48d67629e8f120bdd998d6641ef7d

  • SSDEEP

    98304:723bBil+7+NRBY2V9sJg2E65NEOzobiP8Xlb46LqpGVP:70BioqNbY2nsJg2E6Npzobi0Xlb462

Score
10/10
zgratratspywarestealer

Malware Config

Targets

    • Target

      D3C4575E325D9B2EA4375BE6AE184469.exe

    • Size

      3.7MB

    • MD5

      d3c4575e325d9b2ea4375be6ae184469

    • SHA1

      dba82c40924a219234c29c7ab7d6da4e715c8aa2

    • SHA256

      e065974b0db0079fcc57cf5d209fa267c852772a58a68cee307a72c91d382a8e

    • SHA512

      75d19580269523c1eedbcf3079c6bd15dd4848d212e81028af1a7363927153451b3d579dd5f158df787edd246a9fcc18f7b48d67629e8f120bdd998d6641ef7d

    • SSDEEP

      98304:723bBil+7+NRBY2V9sJg2E65NEOzobiP8Xlb46LqpGVP:70BioqNbY2nsJg2E6Npzobi0Xlb462

    Score
    10/10
    zgratratspywarestealer

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks