zgrat | 859f296afcad7531a5e2ee4b5b8346da0d5ac0ba33700804216aa7365920f7cb | Triage

Submit
Reports

Overview

overview

Static

static

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

859f296afcad7531a5e2ee4b5b8346da0d5ac0ba33700804216aa7365920f7cb
Size

4.5MB
Sample

240328-2h6r1aae2s
MD5

c66b1f6942762649c44bca726995a227
SHA1

d22eba1dd78f3ab676afd3442a4b2a24c9342bf8
SHA256

859f296afcad7531a5e2ee4b5b8346da0d5ac0ba33700804216aa7365920f7cb
SHA512

1785bc2becad09b83aa98fe5d1191328f7f8336615144c07974ff4aeb61ec4a72940ba5d10cc9b91185a9f644b093ae74abef22531c0dc191839613369a23144
SSDEEP

98304:AaHg3Vqv+AigbRik7kZ3srMw2FX+qK60L:AaH0VqhiKj7kZ3U+FuqA

Score

10^/10

zgrat rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

859f296afcad7531a5e2ee4b5b8346da0d5ac0ba33700804216aa7365920f7cb.exe

Resource

win7-20240221-en

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

859f296afcad7531a5e2ee4b5b8346da0d5ac0ba33700804216aa7365920f7cb.exe

Resource

win10-20240221-en

windows10-1703-x64

6 signatures

300 seconds

Malware Config

Targets

- Target
  
  859f296afcad7531a5e2ee4b5b8346da0d5ac0ba33700804216aa7365920f7cb
- Size
  
  4.5MB
- MD5
  
  c66b1f6942762649c44bca726995a227
- SHA1
  
  d22eba1dd78f3ab676afd3442a4b2a24c9342bf8
- SHA256
  
  859f296afcad7531a5e2ee4b5b8346da0d5ac0ba33700804216aa7365920f7cb
- SHA512
  
  1785bc2becad09b83aa98fe5d1191328f7f8336615144c07974ff4aeb61ec4a72940ba5d10cc9b91185a9f644b093ae74abef22531c0dc191839613369a23144
- SSDEEP
  
  98304:AaHg3Vqv+AigbRik7kZ3srMw2FX+qK60L:AaH0VqhiKj7kZ3U+FuqA
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy