Overview

overview

10

Static

static

3

1710341284...ed.exe

windows7-x64

10

1710341284...ed.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    13/03/2024, 14:49

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    17103412846ffb28794fd5c55b26685397a0731841c8012995f35b12acb099ee5f3d77560d276.dat-decoded.exe

  • Size

    420KB

  • MD5

    f7df4504c2f86d6fecbb5b29e5d9fa50

  • SHA1

    47ce06baa2697338c999c935cbcb26da87b5c5a1

  • SHA256

    17d2d7a34d73f7c0f2d2cafb81b6ba1cdf8650128e4f4e16b235ee91c055f8ec

  • SHA512

    963916199c71b20edb4379e86234cc2b62fa37aca9c0627ce804314118d080b39d1c51845c9b3ef6e0af7373198c76c58c394e5e59a897c5dbba4d5fd53c7a0f

  • SSDEEP

    12288:5mAhS1SIgASSpx5p32doxi8JQx6y5CKLUUQhdKOZPx2u:0AhxAJpxj3RX8hxjtOB4

Score
10/10
zgratrat

Malware Config

Signatures

  • Detect ZGRat V1 34 IoCs
  • ZGRat

    ZGRat is remote access trojan written in C#.

    ratzgrat

Processes

  • C:\Users\Admin\AppData\Local\Temp\17103412846ffb28794fd5c55b26685397a0731841c8012995f35b12acb099ee5f3d77560d276.dat-decoded.exe
    "C:\Users\Admin\AppData\Local\Temp\17103412846ffb28794fd5c55b26685397a0731841c8012995f35b12acb099ee5f3d77560d276.dat-decoded.exe"
    1⤵
      PID:2992

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/2992-0-0x0000000000FF0000-0x0000000001060000-memory.dmp

            Filesize

            448KB

            Download

          • memory/2992-1-0x000007FEF5E20000-0x000007FEF680C000-memory.dmp

            Filesize

            9.9MB

            Download

          • memory/2992-2-0x000000001AF90000-0x000000001B010000-memory.dmp

            Filesize

            512KB

            Download

          • memory/2992-3-0x0000000000D90000-0x0000000000E66000-memory.dmp

            Filesize

            856KB

            Download

          • memory/2992-4-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-5-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-7-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-9-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-11-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-13-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-15-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-17-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-19-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-21-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-23-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-25-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-27-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-29-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-31-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-33-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-35-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-37-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-39-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-41-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-43-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-45-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-47-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-49-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-51-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-53-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-55-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-57-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-59-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-61-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-63-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-65-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-67-0x0000000000D90000-0x0000000000E60000-memory.dmp

            Filesize

            832KB

            Download

          • memory/2992-6076-0x000007FEF5E20000-0x000007FEF680C000-memory.dmp

            Filesize

            9.9MB

            Download

          • memory/2992-6077-0x000000001AF90000-0x000000001B010000-memory.dmp

            Filesize

            512KB

            Download

          • memory/2992-6078-0x000000001AF90000-0x000000001B010000-memory.dmp

            Filesize

            512KB

            Download

          • memory/2992-6079-0x000000001AF90000-0x000000001B010000-memory.dmp

            Filesize

            512KB

            Download

          • memory/2992-6080-0x000000001AF90000-0x000000001B010000-memory.dmp

            Filesize

            512KB

            Download