General

  • Target

    tmp

  • Size

    1.7MB

  • Sample

    240125-v8ctaabhb4

  • MD5

    721fb763958ddcf207551558ff06b1a0

  • SHA1

    64bd92b0a8cd71d8a795f481be30763f2139ea76

  • SHA256

    8afcc55b59e124b3840bbee5afb30e70354590eee693480a43fe7d586e909a9e

  • SHA512

    b61c972b232cf6d8e9929396d9970c7718dbcc295a3cd200eb1e1dae005acaffd79c4975f7d0655fafa92db8706fcc2b81a92d274c4220d588110bf18d2c3b93

  • SSDEEP

    24576:SYD1kEJen92P7pK43qcF0SymoaZSftjohWPoJNXzk0Ck5sdfw9X1Xq82isbtGabx:SYDCEJ82PE4a1F40qxzk9k5hXXqjv2w

Score
10/10

Targets

    • Target

      tmp

    Score
    10/10
    • Detect ZGRat V1

    • Kinsing

      Kinsing is a loader written in Golang.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Suspicious use of SetThreadContext
