Resubmissions

16/04/2024, 17:00

240416-vh45vaha6y 1

16/04/2024, 16:59

240416-vhhxlsfd58 10

16/04/2024, 16:43

240416-t79k7agf9y 10

General

  • Target

    https://goo.su/nbyqnYl

  • Sample

    240416-t79k7agf9y

Malware Config

Targets

    • Target

      https://goo.su/nbyqnYl

    • Detect ZGRat V1

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • .NET Reactor protector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

MITRE ATT&CK Enterprise v15

Tasks