zgrat | 7c13fcd7e8a3212b17e4d80b4497de57c5e05997e711e8135f03670562b3c3de | Triage

Submit
Reports

Overview

overview

Static

static

3

PURCHASE O...25.exe

windows7-x64

PURCHASE O...25.exe

windows10-2004-x64

Sharing

General

Target

PURCHASE ORDER No POCON18025.exe
Size

1.2MB
Sample

240220-z5z7mafa5y
MD5

4aa969c1523e3469cdde09229e8d5295
SHA1

d6f561eaf676d924c733c5d36a4d59cf93c01546
SHA256

7c13fcd7e8a3212b17e4d80b4497de57c5e05997e711e8135f03670562b3c3de
SHA512

d2068902780076d58985162762b62072004c139f89f34d05b05f1a2f0c8dfadcc51da7adc75deaf24041722be10f350f52b204d13a88c626efa456cb1ba7befb
SSDEEP

24576:L3zAWOa3I/MOe2vRFvRo5Dtti7EQFVMTXcGN:BlOeejRsKEyVMY

Score

10^/10

zgrat rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

PURCHASE ORDER No POCON18025.exe

Resource

win7-20231215-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

PURCHASE ORDER No POCON18025.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  PURCHASE ORDER No POCON18025.exe
- Size
  
  1.2MB
- MD5
  
  4aa969c1523e3469cdde09229e8d5295
- SHA1
  
  d6f561eaf676d924c733c5d36a4d59cf93c01546
- SHA256
  
  7c13fcd7e8a3212b17e4d80b4497de57c5e05997e711e8135f03670562b3c3de
- SHA512
  
  d2068902780076d58985162762b62072004c139f89f34d05b05f1a2f0c8dfadcc51da7adc75deaf24041722be10f350f52b204d13a88c626efa456cb1ba7befb
- SSDEEP
  
  24576:L3zAWOa3I/MOe2vRFvRo5Dtti7EQFVMTXcGN:BlOeejRsKEyVMY
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy