General

  • Target

    8d6b749c08365f32e1fa55eaaff54827.bin

  • Size

    1.4MB

  • Sample

    240505-bys8qsad91

  • MD5

    3319c82f2438ad5ace5904517da59355

  • SHA1

    c24f9697b2214bdea826522a8f59bf7b0fc1476c

  • SHA256

    75ed377e103e23615abfca5c647fc54527cd2f69f586e41722ccc1ba8980f410

  • SHA512

    708b68eaece9da08a82928c1abb7f0dc79e5e793e7cd62d09e51c0f1e781da4ebf3a60e760fc9d2ea0825c16e96456a9651e1afade3e07e01f4d222323dc65c6

  • SSDEEP

    24576:JOAHS8vCOWrotZiaI/r9/Fis7peugwVCZFrYVOLLyI8m/GHqdDahi0893jA42dfy:JOQ/oaEr1Es7GwUFUsLyI8wG+DaQT2Jm

Score
10/10

Malware Config

Targets

    • Target

      2b4a998c588be37808c8743624bdedec96ac3cb80de750cf81dde1fdd22d508f.exe

    • Size

      1.8MB

    • MD5

      8d6b749c08365f32e1fa55eaaff54827

    • SHA1

      28b8ae306d72ce3bbf860fd25c43b30668a16383

    • SHA256

      2b4a998c588be37808c8743624bdedec96ac3cb80de750cf81dde1fdd22d508f

    • SHA512

      c9fdc71446cd1bf17c3f4713779dfe1018746dad79ebf1cf4ef3f44e870ce3e42baa5a5859a26bdd6c7fb64d7ca1968e066a105396a23f357298511e6dc72992

    • SSDEEP

      24576:QSm6j+TPH2fF9fgpoX1dVb7SVfMWW5zrRjjBjR5wGOvvXWk45i1OSOhSkZQdv0cH:NIHUfIoXTpSRMWW98GOGk45XSOhdu0

    Score
    10/10
    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks