zgrat | ea339584b9614ad651f5733d92248c680e7120b1bf548159c63f2761b4670c79 | Triage

Submit
Reports

Overview

overview

Static

static

1

EBKG082833...SC.bat

windows7-x64

1

EBKG082833...SC.bat

windows10-2004-x64

Sharing

General

Target

EBKG08283398 INV.NO.313_SC_SC.zip
Size

1.1MB
Sample

240406-px7xdsae5w
MD5

3d6e7a3452ee51fac58dcd85f54ac971
SHA1

1053025143f06a24561b7edeabb99d9095bfa03a
SHA256

ea339584b9614ad651f5733d92248c680e7120b1bf548159c63f2761b4670c79
SHA512

5e1f7f41d0647e1aad84147f1ffb2695e8772567bd28a7255dd5822a71e9e464b79cc27a80bfd179e64f0a2210f82ac47688b4c05bc82f29e104743e0f029954
SSDEEP

24576:oyXVgcms2luaJFnzJoeduIJ/7eT2fBXTltBqF:oylgc/aJ5zFeydTE

Score

10^/10

zgrat rat

Static task

static1

Behavioral task

behavioral1

Sample

EBKG08283398 INV.NO.313_SC_SC.bat

Resource

win7-20240221-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

EBKG08283398 INV.NO.313_SC_SC.bat

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  EBKG08283398 INV.NO.313_SC_SC.bat
- Size
  
  1.5MB
- MD5
  
  891b1780e08638a8311b1e5ae2bd670e
- SHA1
  
  0504a30572e0a54475ce8e0372b8132cfc567f6d
- SHA256
  
  3eeecf195767fc31136365220f549d915c97b0a59194fbbe93f019e8a57fb110
- SHA512
  
  55f6b49c1a43d8410c5d7ed90eaacc7034cf36acea30c8aac0981722be40b9f9060dbc19d8b230eb16af9b27a7287e19f36b48614772dcd1b4d2c39f55ba9415
- SSDEEP
  
  24576:xWnPze4mISNmnNrdVPkEcoGHNo/RjRem3Pjw1ansgpM5u6Zr7HVBfGX8HdtWcVu/:4Pyp+RPW9hlhep
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy