Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e953ddb924a32ab5a78488d75e8f753832293eece41b98eb7227651dfe7ed8cf

  • Size

    1.8MB

  • Sample

    240509-3nbz9aha43

  • MD5

    a67fdb51541686d28c98b68b6bef896f

  • SHA1

    9eb2a81d09bdc9a6a1cec563ec213d3bc21f353a

  • SHA256

    e953ddb924a32ab5a78488d75e8f753832293eece41b98eb7227651dfe7ed8cf

  • SHA512

    6085a8b96228c0837cf8659fe753857859ff3b834f10d73fc878146a2b736844ec70e7aca360b1f8d0ee288fa974fbf8ca15ac49a898bbe3b226854b03472c15

  • SSDEEP

    49152:YI42I10MaEU0AFAjfzyrobPfo2yp0MIEq:YMv4zvyroETFIEq

Score
10/10
zgratrat

Malware Config

Targets

    • Target

      e953ddb924a32ab5a78488d75e8f753832293eece41b98eb7227651dfe7ed8cf

    • Size

      1.8MB

    • MD5

      a67fdb51541686d28c98b68b6bef896f

    • SHA1

      9eb2a81d09bdc9a6a1cec563ec213d3bc21f353a

    • SHA256

      e953ddb924a32ab5a78488d75e8f753832293eece41b98eb7227651dfe7ed8cf

    • SHA512

      6085a8b96228c0837cf8659fe753857859ff3b834f10d73fc878146a2b736844ec70e7aca360b1f8d0ee288fa974fbf8ca15ac49a898bbe3b226854b03472c15

    • SSDEEP

      49152:YI42I10MaEU0AFAjfzyrobPfo2yp0MIEq:YMv4zvyroETFIEq

    Score
    10/10
    zgratrat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks