Overview

overview

10

Static

static

3

Wyyqwqt.exe

windows11-21h2-x64

10

Resubmissions

19/02/2024, 13:10

240219-qesv7add7v 10

19/02/2024, 12:25

240219-plt66adb2s 10

19/02/2024, 12:14

240219-pegx9add95 10

19/02/2024, 12:05

240219-n85qqsdd79 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    Wyyqwqt.exe

  • Size

    919KB

  • Sample

    240219-qesv7add7v

  • MD5

    2f8158a69323954193acf7cbb6bde8fd

  • SHA1

    d149b65f8f1e13dff92b23f1e972b250f0ef7b34

  • SHA256

    bbac4a6b0b157ee522451908f233854b8798e0bfbab54dea364a511d711324f1

  • SHA512

    5facb676db2d575cc3dc8cefa9cd7d84c0586f79acb5d821fc9b6e0b083fca72682eefc45cdb8ff79caf6506e5a07598cd9f199987eb7e1d91ef941e54bccfcf

  • SSDEEP

    24576:mn8g+IxNy2TBIBscu2foEtKE5YTwoUA6OyGutIQDqw:M+ao2TBIBNuTECwoytx

Score
10/10
zgratpersistencerat

Malware Config

Targets

    • Target

      Wyyqwqt.exe

    • Size

      919KB

    • MD5

      2f8158a69323954193acf7cbb6bde8fd

    • SHA1

      d149b65f8f1e13dff92b23f1e972b250f0ef7b34

    • SHA256

      bbac4a6b0b157ee522451908f233854b8798e0bfbab54dea364a511d711324f1

    • SHA512

      5facb676db2d575cc3dc8cefa9cd7d84c0586f79acb5d821fc9b6e0b083fca72682eefc45cdb8ff79caf6506e5a07598cd9f199987eb7e1d91ef941e54bccfcf

    • SSDEEP

      24576:mn8g+IxNy2TBIBscu2foEtKE5YTwoUA6OyGutIQDqw:M+ao2TBIBNuTECwoytx

    Score
    10/10
    zgratpersistencerat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks