Extracted

• • Target

    42af7513c4f90b903faea61ef6f3730e

  • Size

    2.3MB

  • MD5

    42af7513c4f90b903faea61ef6f3730e

  • SHA1

    362f7f224e6a44efbd8111b73d3957ccbc8b6ad2

  • SHA256

    e04b61d1ca799559e8e22b4df62e49c134934fad3e9efe55d7336d171e4009d7

  • SHA512

    61e8827003371e6baee9ed6bdd30838314216358c8f9687e058f9ebe6f7a533af2858277dbf912d2a27f1aa9d106300e4267cf2a95a35bd21a233c9c5126c6bb

  • SSDEEP

    49152:ZTrFrY0PuAPqmxJic7p24NLfweBFBz2fKwz/KqKW:Z3lZuAPqmxJJ784NLourkrzCB

  Score

  10^/10

  zgratratbitrattrojan

  • BitRAT

    BitRAT is a remote access tool written in C++ and uses leaked source code from other families.

    trojanbitrat

  • Detect ZGRat V1

  • ZGRat

    ZGRat is remote access trojan written in C#.

    ratzgrat

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2