zgrat | 913b985da938b934ff7a3174ba08045b21b7fac60748bc618dd34ecbc0b8b658 | Triage

Submit
Reports

Overview

overview

Static

static

a440481c46...aa.exe

windows7-x64

a440481c46...aa.exe

windows10-2004-x64

Sharing

General

Target

a440481c46ddfcd031fa591392d1cfaa.exe
Size

2.3MB
Sample

240417-y4zc9sdc99
MD5

a440481c46ddfcd031fa591392d1cfaa
SHA1

249d6439c00bcbe7cc0500b589fb45eb8deaeb85
SHA256

913b985da938b934ff7a3174ba08045b21b7fac60748bc618dd34ecbc0b8b658
SHA512

00a7665d217408efa90e223cff0f6a9a2672797657bda1acaf81da596adef1bff346f5aa557e93455cb3d9ec87d1594b3fe5e61f112cd20b6b0766d2511f0ae7
SSDEEP

49152:d5H9+Jlsn35Q9LLr4aUT8vHtePTN9DNyNTVGqlzC7Vnp:d5H9+IIIbyHte7DYNpzleVp

Score

10^/10

zgrat rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

a440481c46ddfcd031fa591392d1cfaa.exe

Resource

win7-20240221-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

a440481c46ddfcd031fa591392d1cfaa.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  a440481c46ddfcd031fa591392d1cfaa.exe
- Size
  
  2.3MB
- MD5
  
  a440481c46ddfcd031fa591392d1cfaa
- SHA1
  
  249d6439c00bcbe7cc0500b589fb45eb8deaeb85
- SHA256
  
  913b985da938b934ff7a3174ba08045b21b7fac60748bc618dd34ecbc0b8b658
- SHA512
  
  00a7665d217408efa90e223cff0f6a9a2672797657bda1acaf81da596adef1bff346f5aa557e93455cb3d9ec87d1594b3fe5e61f112cd20b6b0766d2511f0ae7
- SSDEEP
  
  49152:d5H9+Jlsn35Q9LLr4aUT8vHtePTN9DNyNTVGqlzC7Vnp:d5H9+IIIbyHte7DYNpzleVp
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy