zgrat | 572e5e6295f7bc9877c82de35f32ed4039cc68c7d8f508be1c9302b795b09deb | Triage

Submit
Reports

Overview

overview

Static

static

1

572e5e6295...eb.exe

windows7-x64

572e5e6295...eb.exe

windows10-2004-x64

Sharing

General

Target

572e5e6295f7bc9877c82de35f32ed4039cc68c7d8f508be1c9302b795b09deb.exe
Size

209KB
Sample

240420-nt7a1sfg55
MD5

c80d855e5cd40f34e27e3da00bd24b82
SHA1

afcfe5313e5ab286433e150bf22f8cd33cb7e0c8
SHA256

572e5e6295f7bc9877c82de35f32ed4039cc68c7d8f508be1c9302b795b09deb
SHA512

367ff5ba9ea1406bd5716f2c6d4e57bb0fe0175e2eae9b8718ae2ea51c1cb59d979d253e617fffe5ca7f4bdb4523cc55c7956a12097ec0b5343f32438a02b5a6
SSDEEP

3072:bDKt5H8wGbvWT5QaVna4xqRbSSXqdT4PO5iJSXQrx7af41+oyc:/Kt5H8wPt3aHRbSSX44G5iJprx7p+

Score

10^/10

zgrat rat

Static task

static1

Behavioral task

behavioral1

Sample

572e5e6295f7bc9877c82de35f32ed4039cc68c7d8f508be1c9302b795b09deb.exe

Resource

win7-20231129-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

572e5e6295f7bc9877c82de35f32ed4039cc68c7d8f508be1c9302b795b09deb.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  572e5e6295f7bc9877c82de35f32ed4039cc68c7d8f508be1c9302b795b09deb.exe
- Size
  
  209KB
- MD5
  
  c80d855e5cd40f34e27e3da00bd24b82
- SHA1
  
  afcfe5313e5ab286433e150bf22f8cd33cb7e0c8
- SHA256
  
  572e5e6295f7bc9877c82de35f32ed4039cc68c7d8f508be1c9302b795b09deb
- SHA512
  
  367ff5ba9ea1406bd5716f2c6d4e57bb0fe0175e2eae9b8718ae2ea51c1cb59d979d253e617fffe5ca7f4bdb4523cc55c7956a12097ec0b5343f32438a02b5a6
- SSDEEP
  
  3072:bDKt5H8wGbvWT5QaVna4xqRbSSXqdT4PO5iJSXQrx7af41+oyc:/Kt5H8wPt3aHRbSSX44G5iJprx7p+
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy