Overview

overview

10

Static

static

3

Debug.exe

windows7-x64

10

Debug.exe

windows10-2004-x64

10

Resubmissions

03-01-2024 11:37

240103-nrgycafdf4 10

03-01-2024 11:18

240103-nd9q7scgfm 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Debug.exe

  • Size

    631KB

  • Sample

    240103-nd9q7scgfm

  • MD5

    eec03d362a4c66fe6ac8064ae68bda50

  • SHA1

    8aa051b9c7f201eb9504fb7023bbc5ffa2458293

  • SHA256

    cd2cc1403cb829e7d7454a3a80d9875834bd3b0837e56493369f2d842bf3f569

  • SHA512

    e6f07b5171fee9fa534f57376aaf6061e541da4ad9cee2e50b3d2ee3eed7cd2d0ed2942a479e8887dc7e4247e969b081b5ebef758854e7c62be35e2af49a8f2d

  • SSDEEP

    12288:vEZR29MfzdOwMI5F09MyMeWR+KSS2g/Pd35/K9TGH4CaxJDua:MZR29Mfzdu6LyZTIdJ/K98n6u

Score
10/10
xmrigzgratminerrat

Malware Config

Targets

    • Target

      Debug.exe

    • Size

      631KB

    • MD5

      eec03d362a4c66fe6ac8064ae68bda50

    • SHA1

      8aa051b9c7f201eb9504fb7023bbc5ffa2458293

    • SHA256

      cd2cc1403cb829e7d7454a3a80d9875834bd3b0837e56493369f2d842bf3f569

    • SHA512

      e6f07b5171fee9fa534f57376aaf6061e541da4ad9cee2e50b3d2ee3eed7cd2d0ed2942a479e8887dc7e4247e969b081b5ebef758854e7c62be35e2af49a8f2d

    • SSDEEP

      12288:vEZR29MfzdOwMI5F09MyMeWR+KSS2g/Pd35/K9TGH4CaxJDua:MZR29Mfzdu6LyZTIdJ/K98n6u

    Score
    10/10
    zgratratxmrigminer

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks