zgrat | 2306a778adcf141db023e4aba49983ec16bfd1a88b0b1a59ac1a58a704dffe6b | Triage

Submit
Reports

Overview

overview

Static

static

1

2306a778ad...6b.exe

windows7-x64

2306a778ad...6b.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

2306a778adcf141db023e4aba49983ec16bfd1a88b0b1a59ac1a58a704dffe6b.exe
Size

6.3MB
Sample

240229-fz2nqaeg3z
MD5

a344d711eee57a20c4c56f3c642c7e2e
SHA1

d33b2efc719e6ede1af89db826b47315595c5cad
SHA256

2306a778adcf141db023e4aba49983ec16bfd1a88b0b1a59ac1a58a704dffe6b
SHA512

70ea781f9679f1ea94785e750c5df5a35c7b7c1efe88daa731170287bd271e49177910b00e54a7bc3da852e4b0237b551c8a1b9e88aa320a459bde1a6cdf958b
SSDEEP

49152:ZLL7HtK37BJNrmPws6bQuudtyA9Cqs6MiiIcu1TZmw8qn5KIXHAZ9rgxy:lYJNrmPvbhi/qK6LHAZ9yy

Score

10^/10

zgrat rat

Static task

static1

Behavioral task

behavioral1

Sample

2306a778adcf141db023e4aba49983ec16bfd1a88b0b1a59ac1a58a704dffe6b.exe

Resource

win7-20240221-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

2306a778adcf141db023e4aba49983ec16bfd1a88b0b1a59ac1a58a704dffe6b.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2306a778adcf141db023e4aba49983ec16bfd1a88b0b1a59ac1a58a704dffe6b.exe
- Size
  
  6.3MB
- MD5
  
  a344d711eee57a20c4c56f3c642c7e2e
- SHA1
  
  d33b2efc719e6ede1af89db826b47315595c5cad
- SHA256
  
  2306a778adcf141db023e4aba49983ec16bfd1a88b0b1a59ac1a58a704dffe6b
- SHA512
  
  70ea781f9679f1ea94785e750c5df5a35c7b7c1efe88daa731170287bd271e49177910b00e54a7bc3da852e4b0237b551c8a1b9e88aa320a459bde1a6cdf958b
- SSDEEP
  
  49152:ZLL7HtK37BJNrmPws6bQuudtyA9Cqs6MiiIcu1TZmw8qn5KIXHAZ9rgxy:lYJNrmPvbhi/qK6LHAZ9yy
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy