Overview

overview

10

Static

static

1

ltrt.exe

windows7-x64

10

ltrt.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ltrt.exe

  • Size

    180KB

  • Sample

    240422-k29jkahg76

  • MD5

    f333f0a16c7bb7129e6659e145525be6

  • SHA1

    e6d057c501381d3604e24d73edc81254ddf7bbb1

  • SHA256

    5bca86ec4ed35175dd33db2943f1fc7839ae3565229fc5fd9227bbd9f0aa637b

  • SHA512

    34b31dffdbb53cf90efaf00847777ced46b888825bffc882ecf694def7203d7a3656cde1cb2279b84200afca42f1de2ab8b0c7c8c367c18fe796a146ddb61b33

  • SSDEEP

    3072:ZJgCU1m6NcbkgbpA9QPqym0Mxqwg0QSNU6Ji3G8uNLt9N18Y+ECc:Zuz1pNc8WGQwgVSri3G8uP9N/+

Score
10/10
zgratrat

Malware Config

Targets

    • Target

      ltrt.exe

    • Size

      180KB

    • MD5

      f333f0a16c7bb7129e6659e145525be6

    • SHA1

      e6d057c501381d3604e24d73edc81254ddf7bbb1

    • SHA256

      5bca86ec4ed35175dd33db2943f1fc7839ae3565229fc5fd9227bbd9f0aa637b

    • SHA512

      34b31dffdbb53cf90efaf00847777ced46b888825bffc882ecf694def7203d7a3656cde1cb2279b84200afca42f1de2ab8b0c7c8c367c18fe796a146ddb61b33

    • SSDEEP

      3072:ZJgCU1m6NcbkgbpA9QPqym0Mxqwg0QSNU6Ji3G8uNLt9N18Y+ECc:Zuz1pNc8WGQwgVSri3G8uP9N/+

    Score
    10/10
    zgratrat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks