General

  • Target

    2B4A998C588BE37808C8743624BDEDEC96AC3CB80DE75.exe

  • Size

    1.8MB

  • Sample

    240503-yd3yrsgg96

  • MD5

    8d6b749c08365f32e1fa55eaaff54827

  • SHA1

    28b8ae306d72ce3bbf860fd25c43b30668a16383

  • SHA256

    2b4a998c588be37808c8743624bdedec96ac3cb80de750cf81dde1fdd22d508f

  • SHA512

    c9fdc71446cd1bf17c3f4713779dfe1018746dad79ebf1cf4ef3f44e870ce3e42baa5a5859a26bdd6c7fb64d7ca1968e066a105396a23f357298511e6dc72992

  • SSDEEP

    24576:QSm6j+TPH2fF9fgpoX1dVb7SVfMWW5zrRjjBjR5wGOvvXWk45i1OSOhSkZQdv0cH:NIHUfIoXTpSRMWW98GOGk45XSOhdu0

Score
10/10

Targets

    • Target

      2B4A998C588BE37808C8743624BDEDEC96AC3CB80DE75.exe

    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE
