Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    ea3cbff3a2fda4347fe753f7ef1e5530ae21a7ba9b5961f0536c7f8fe69bea40

  • Size

    447KB

  • Sample

    240417-s77k6afh6t

  • MD5

    2cafc3aaa59df28dd4e732e1b4b76d2e

  • SHA1

    b235cee8e453d492f8a8c7360dc0a7bbea151d93

  • SHA256

    ea3cbff3a2fda4347fe753f7ef1e5530ae21a7ba9b5961f0536c7f8fe69bea40

  • SHA512

    515c3a491b3f3f328bbba47d7e9c97fb2c3d787a97f8802414484a98ed8134ccb370be6aca34fa6044e38bc137baf5ffdb36ceba77de2de0f29f5a699a2d1dd1

  • SSDEEP

    6144:NZVqFqyN4t82ZR0AfdmMsxtwiC/Q/xhhwK+4V3boQj8Vx7M8CHVP:XsdN4DZuxxiuxhhwkhoQ4P7MTVP

Score
10/10
stealczgratratstealer

Malware Config

Targets

    • Target

      ea3cbff3a2fda4347fe753f7ef1e5530ae21a7ba9b5961f0536c7f8fe69bea40

    • Size

      447KB

    • MD5

      2cafc3aaa59df28dd4e732e1b4b76d2e

    • SHA1

      b235cee8e453d492f8a8c7360dc0a7bbea151d93

    • SHA256

      ea3cbff3a2fda4347fe753f7ef1e5530ae21a7ba9b5961f0536c7f8fe69bea40

    • SHA512

      515c3a491b3f3f328bbba47d7e9c97fb2c3d787a97f8802414484a98ed8134ccb370be6aca34fa6044e38bc137baf5ffdb36ceba77de2de0f29f5a699a2d1dd1

    • SSDEEP

      6144:NZVqFqyN4t82ZR0AfdmMsxtwiC/Q/xhhwK+4V3boQj8Vx7M8CHVP:XsdN4DZuxxiuxhhwkhoQ4P7MTVP

    Score
    10/10
    stealczgratratstealer

    • Detect ZGRat V1

    • Stealc

      Stealc is an infostealer written in C++.

      stealerstealc

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks