General

  • Target

    7af67262de49c066ace24dd3817b8902ddbb1a9ac76fa8d307f0a8211b6ccf04

  • Size

    425KB

  • Sample

    240423-cn75ksbe54

  • MD5

    d215783609513e4b82b1810011429514

  • SHA1

    58c2bb207303cbf33024a2c739b8165489d52944

  • SHA256

    7af67262de49c066ace24dd3817b8902ddbb1a9ac76fa8d307f0a8211b6ccf04

  • SHA512

    48aa8ee9e730c6af5a9c23a30b753c62302f62792c46e343360472c1b9a6f57331a155ffbd7735ffc86c65dff8409ce64e88b726ba0e95512b5b4fa1c77689b2

  • SSDEEP

    6144:B6gl3G1Y/X3OHd9ASFIBFcKUjhIR5hfXtleej0nJTRAaPBS+b/fP:IgX/O0KOzXeLdRlX/fP

Score
10/10

Targets

    • Detect ZGRat V1

    • Stealc

      Stealc is an infostealer written in C++.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE
