Overview

overview

10

Static

static

3

415501cba5...af.exe

windows7-x64

10

415501cba5...af.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    415501cba527ef5e011fd0c180e45545b7602dc25d76a3d0752220f207861baf.exe

  • Size

    1.3MB

  • Sample

    240420-lf9swaeb3w

  • MD5

    d18e6c991fa548d0cf39ea1586738d2f

  • SHA1

    8a36bcb681c19ee4ebc63b61155d1a2a0c0e742d

  • SHA256

    415501cba527ef5e011fd0c180e45545b7602dc25d76a3d0752220f207861baf

  • SHA512

    6dc858956208ffe8a6164b559c315a9b4a967797ac4ec394fa3df61ab2aaf26ab4f366e0bfa4711f3bc2f26fe23602877f2df74927e76250119fb2e4a4e4e2e4

  • SSDEEP

    6144:l5zE03idtBgfNM4NbtbKQ7aZV2+lfJzr27/stxtJvcsWy3as+CBbDMnjwVAgRjI0:6teRexrugPlsWlZ2cwpdlK6LocKZuBu

Score
10/10
zgratrat

Malware Config

Targets

    • Target

      415501cba527ef5e011fd0c180e45545b7602dc25d76a3d0752220f207861baf.exe

    • Size

      1.3MB

    • MD5

      d18e6c991fa548d0cf39ea1586738d2f

    • SHA1

      8a36bcb681c19ee4ebc63b61155d1a2a0c0e742d

    • SHA256

      415501cba527ef5e011fd0c180e45545b7602dc25d76a3d0752220f207861baf

    • SHA512

      6dc858956208ffe8a6164b559c315a9b4a967797ac4ec394fa3df61ab2aaf26ab4f366e0bfa4711f3bc2f26fe23602877f2df74927e76250119fb2e4a4e4e2e4

    • SSDEEP

      6144:l5zE03idtBgfNM4NbtbKQ7aZV2+lfJzr27/stxtJvcsWy3as+CBbDMnjwVAgRjI0:6teRexrugPlsWlZ2cwpdlK6LocKZuBu

    Score
    10/10
    zgratrat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Executes dropped EXE

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks