Overview

overview

10

Static

static

1

Receipt_681002.exe

windows7-x64

10

Receipt_681002.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    Receipt_681002.exe

  • Size

    218KB

  • Sample

    240422-p35n8abe72

  • MD5

    50681fe59265316a9e7ee37aa1701d40

  • SHA1

    0d0a72613be20e838c69c1bfbeb64bf4390a0c75

  • SHA256

    519a81a6a4377d435fd2932ab99343c034b563d5c63c38eac42c920d98fc3e86

  • SHA512

    5ae5cadc40e419b8bd93485f95cc8cdc24c97302a763112131377b089c0497149180a1c7ab10d16aee969dd122296be8a728ca79cf887262bafc41c98eb96b06

  • SSDEEP

    3072:MjbQw5tKM/717+wUPnS21mQbnc+BR0pKREX/WONBuwrhmc7U1iIyx1IhNXOXcal0:Z+86uwrhmkErFDnXAgpH

Score
10/10
zgratpersistencerat

Malware Config

Targets

    • Target

      Receipt_681002.exe

    • Size

      218KB

    • MD5

      50681fe59265316a9e7ee37aa1701d40

    • SHA1

      0d0a72613be20e838c69c1bfbeb64bf4390a0c75

    • SHA256

      519a81a6a4377d435fd2932ab99343c034b563d5c63c38eac42c920d98fc3e86

    • SHA512

      5ae5cadc40e419b8bd93485f95cc8cdc24c97302a763112131377b089c0497149180a1c7ab10d16aee969dd122296be8a728ca79cf887262bafc41c98eb96b06

    • SSDEEP

      3072:MjbQw5tKM/717+wUPnS21mQbnc+BR0pKREX/WONBuwrhmc7U1iIyx1IhNXOXcal0:Z+86uwrhmkErFDnXAgpH

    Score
    10/10
    zgratpersistencerat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks