Overview

overview

10

Static

static

3

c3a3ce4c66...d4.exe

windows7-x64

10

c3a3ce4c66...d4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c3a3ce4c665a14e6ece702846e5836d4

  • Size

    6.1MB

  • Sample

    240312-r8kx4sde32

  • MD5

    c3a3ce4c665a14e6ece702846e5836d4

  • SHA1

    19706d9c78a32e33182565788899907daffcc3a6

  • SHA256

    22e1a23471eb0e6d68cc2918081eda23e407e08ef556fed6e94e1d62112c61db

  • SHA512

    a765feccda1137b82d8d2050254f7d0b50cf95d2d23a2829b1638c7eac8f7628b971bf616f159e801105e19f55c3e897868c3afba06be6427993f1034904a700

  • SSDEEP

    196608:HSGHLHKzqi8BIlLb8214tNhYFZ0zL3JEDt:HSGHLq98Bw8C7c5E

Score
10/10
zgratrat

Malware Config

Targets

    • Target

      c3a3ce4c665a14e6ece702846e5836d4

    • Size

      6.1MB

    • MD5

      c3a3ce4c665a14e6ece702846e5836d4

    • SHA1

      19706d9c78a32e33182565788899907daffcc3a6

    • SHA256

      22e1a23471eb0e6d68cc2918081eda23e407e08ef556fed6e94e1d62112c61db

    • SHA512

      a765feccda1137b82d8d2050254f7d0b50cf95d2d23a2829b1638c7eac8f7628b971bf616f159e801105e19f55c3e897868c3afba06be6427993f1034904a700

    • SSDEEP

      196608:HSGHLHKzqi8BIlLb8214tNhYFZ0zL3JEDt:HSGHLq98Bw8C7c5E

    Score
    10/10
    zgratrat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks