General

  • Target

    c1fc3cc411715c3516ba91e948b53416e9567836091646af96c37a35c07c985b

  • Size

    447KB

  • Sample

    240417-ftprzaed76

  • MD5

    54abcad0c5feb7390352b815948dde0e

  • SHA1

    ff49d09d0bf2b8c74357087d075e9eda63aeadaf

  • SHA256

    c1fc3cc411715c3516ba91e948b53416e9567836091646af96c37a35c07c985b

  • SHA512

    0b99f7cab57c93c9bd139a9bed046bff876ba456eaf570d7d0d477827bc1f6a6b2c08110d7f247402783fcdedbf250416cc5c6f41d33ac30ecc25a2848a6a3d9

  • SSDEEP

    12288:zy5vni5zYCLqSfKbxhWqeXJziUQHJwPWE4:zzX9fCWdzhOG94

Score
10/10

Malware Config

Targets

    • Detect ZGRat V1

    • Stealc

      Stealc is an infostealer written in C++.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE
