zgrat | 5a3ef9e8a2ea282253a57ab68f75caa9144c606725e57a37b8cfe83cc63db191 | Triage

Submit
Reports

Overview

overview

Static

static

1

5a3ef9e8a2...91.exe

windows7-x64

5a3ef9e8a2...91.exe

windows10-2004-x64

Sharing

General

Target

5a3ef9e8a2ea282253a57ab68f75caa9144c606725e57a37b8cfe83cc63db191.exe
Size

209KB
Sample

240420-bn7y5scf33
MD5

37b1b265010213a6b399f256f0f30612
SHA1

efb26dc10127cb575729fd19d308dad01e4d2484
SHA256

5a3ef9e8a2ea282253a57ab68f75caa9144c606725e57a37b8cfe83cc63db191
SHA512

46ad0cd7651230e4b5aba1117f1aa0f215389188d112a783b37818db7b66ac0783634300e2d943c802e9028459e775492d844ed9f87b3aa45405c9d0e567e7f8
SSDEEP

3072:riBtuH8wrbjHTKXr9i0XqRwtWRB4uLalQrm06fG4R+ZIc:mBtuH8wrWRiZRkWYuLLrJ67+

Score

10^/10

zgrat rat

Static task

static1

Behavioral task

behavioral1

Sample

5a3ef9e8a2ea282253a57ab68f75caa9144c606725e57a37b8cfe83cc63db191.exe

Resource

win7-20240221-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

5a3ef9e8a2ea282253a57ab68f75caa9144c606725e57a37b8cfe83cc63db191.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  5a3ef9e8a2ea282253a57ab68f75caa9144c606725e57a37b8cfe83cc63db191.exe
- Size
  
  209KB
- MD5
  
  37b1b265010213a6b399f256f0f30612
- SHA1
  
  efb26dc10127cb575729fd19d308dad01e4d2484
- SHA256
  
  5a3ef9e8a2ea282253a57ab68f75caa9144c606725e57a37b8cfe83cc63db191
- SHA512
  
  46ad0cd7651230e4b5aba1117f1aa0f215389188d112a783b37818db7b66ac0783634300e2d943c802e9028459e775492d844ed9f87b3aa45405c9d0e567e7f8
- SSDEEP
  
  3072:riBtuH8wrbjHTKXr9i0XqRwtWRB4uLalQrm06fG4R+ZIc:mBtuH8wrWRiZRkWYuLLrJ67+
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy