zgrat | 37d22bf567962bb14412f2034d9e9338feb599fe214a59d73cb47929e0de9957 | Triage

Submit
Reports

Overview

overview

Static

static

29d409af26...e1.exe

windows7-x64

29d409af26...e1.exe

windows10-2004-x64

Sharing

General

Target

37d22bf567962bb14412f2034d9e9338feb599fe214a59d73cb47929e0de9957
Size

347KB
Sample

240417-qm487ahc67
MD5

592fb2f88fd9940e7d0fd9a215e1bf82
SHA1

d398a79a20423b6ed1c8cdbdb2401c5d79af1521
SHA256

37d22bf567962bb14412f2034d9e9338feb599fe214a59d73cb47929e0de9957
SHA512

ad6a4f9cbdab23e42a37c5a3861eb5f3a586e062992bedfba58c42f8d066ea1908df219ce454a1701a6916248a463614a501fe6d2b61991ae6cd1a590365ce73
SSDEEP

6144:gOCjw5afL9fzGlLRn7Q57Iz7WVKmm9Fy7Dt9oN8KOqnyrUlmCn/:g1wgfLtzGl978O/mjPHoCfOyolmW/

Score

10^/10

zgrat rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

29d409af265261b204f6eeeedb5e9bb1f7a829b723a5d1d78384066744bddbe1.exe

Resource

win7-20240220-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

29d409af265261b204f6eeeedb5e9bb1f7a829b723a5d1d78384066744bddbe1.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  29d409af265261b204f6eeeedb5e9bb1f7a829b723a5d1d78384066744bddbe1.exe
- Size
  
  451KB
- MD5
  
  b2b60c50903a73efffcb4e33ce49238f
- SHA1
  
  9b6f27fc410748ae1570978d7a6aba95a1041eea
- SHA256
  
  29d409af265261b204f6eeeedb5e9bb1f7a829b723a5d1d78384066744bddbe1
- SHA512
  
  2c66a1615de77157f57c662de2e3ec97deb8cb6aadc0a03ff0acc3b269affd5ae0d50dfef85939ca9c1a8c6d47ff915061157e7da92dc286cb6ddd9b06a88126
- SSDEEP
  
  6144:dI6go9vB3SD75MlCe8KihsZC2uLrfA1v6OvNMpP/Ao+gK:dtgKdSv5M41KkK4LzgyoNMpP/Ao+
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy