zgrat | 9c621294c689defc4b76da675ded71aa710ab5fa20498f1d4dfa6fc1d4bc2455 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

9c621294c689defc4b76da675ded71aa710ab5fa20498f1d4dfa6fc1d4bc2455
Size

2.5MB
Sample

240319-xgbg9abf77
MD5

af00c05a5029f7fd7dac013bb01d220c
SHA1

f862ca3da392e901baf29eff5daebf57466cd62f
SHA256

9c621294c689defc4b76da675ded71aa710ab5fa20498f1d4dfa6fc1d4bc2455
SHA512

6470ef81ecbde644d9ac0dd7a38ef89671d07065311cb07887257108195c4d646557136fd0c2f620cd65525044106524f5cd649146459a84e85184f0a643b572
SSDEEP

24576:W3TZV5M5F3tiPNMtPcp3MAtjkwbOo9JPWCcSodJKsUpOLrF6qiz+q/pGzELEVnQx:if5G3G+tUpjjzCo/rXgKfpOLNdcWY

Score

10^/10

zgrat rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9c621294c689defc4b76da675ded71aa710ab5fa20498f1d4dfa6fc1d4bc2455.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

9c621294c689defc4b76da675ded71aa710ab5fa20498f1d4dfa6fc1d4bc2455.exe

Resource

win11-20240221-en

windows11-21h2-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  9c621294c689defc4b76da675ded71aa710ab5fa20498f1d4dfa6fc1d4bc2455
- Size
  
  2.5MB
- MD5
  
  af00c05a5029f7fd7dac013bb01d220c
- SHA1
  
  f862ca3da392e901baf29eff5daebf57466cd62f
- SHA256
  
  9c621294c689defc4b76da675ded71aa710ab5fa20498f1d4dfa6fc1d4bc2455
- SHA512
  
  6470ef81ecbde644d9ac0dd7a38ef89671d07065311cb07887257108195c4d646557136fd0c2f620cd65525044106524f5cd649146459a84e85184f0a643b572
- SSDEEP
  
  24576:W3TZV5M5F3tiPNMtPcp3MAtjkwbOo9JPWCcSodJKsUpOLrF6qiz+q/pGzELEVnQx:if5G3G+tUpjjzCo/rXgKfpOLNdcWY
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.