zgrat | 6fb2bda81d9edf6955e7d6bd5d9dfb5a0f3d7695eacd2a0e4f3988812ebf41cd | Triage

Submit
Reports

Overview

overview

Static

static

3

907e21e5c1...f6.exe

windows7-x64

907e21e5c1...f6.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

907e21e5c122b5a3126a86d7d02df4f6.exe
Size

54KB
Sample

240310-zlerksbh81
MD5

907e21e5c122b5a3126a86d7d02df4f6
SHA1

031db700719b48c691116f5027d5609efc7c210f
SHA256

6fb2bda81d9edf6955e7d6bd5d9dfb5a0f3d7695eacd2a0e4f3988812ebf41cd
SHA512

d19076ef75e2c8ce85acf0b2a22b0aadbcdb945e56153a58dea52f068c23caf76e8673dc4012b23a511b32404193cd88cfaa4523509e5340d0f46d01322c05fc
SSDEEP

768:+pMsRVqvTtICYY5xbjVz6GPt5ToMHTuGeeU/OgUO90THf8CyTHf8C0mbt:GRVqv16eXTpHTuGj0Jx90T8HT8lmp

Score

10^/10

zgrat rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

907e21e5c122b5a3126a86d7d02df4f6.exe

Resource

win7-20240221-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

907e21e5c122b5a3126a86d7d02df4f6.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  907e21e5c122b5a3126a86d7d02df4f6.exe
- Size
  
  54KB
- MD5
  
  907e21e5c122b5a3126a86d7d02df4f6
- SHA1
  
  031db700719b48c691116f5027d5609efc7c210f
- SHA256
  
  6fb2bda81d9edf6955e7d6bd5d9dfb5a0f3d7695eacd2a0e4f3988812ebf41cd
- SHA512
  
  d19076ef75e2c8ce85acf0b2a22b0aadbcdb945e56153a58dea52f068c23caf76e8673dc4012b23a511b32404193cd88cfaa4523509e5340d0f46d01322c05fc
- SSDEEP
  
  768:+pMsRVqvTtICYY5xbjVz6GPt5ToMHTuGeeU/OgUO90THf8CyTHf8C0mbt:GRVqv16eXTpHTuGj0Jx90T8HT8lmp
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy