General

  • Target

    3be41028fea5d3ce5d66685ed8b71d81_JaffaCakes118

  • Size

    16.3MB

  • Sample

    240513-vzxr4afc4w

  • MD5

    3be41028fea5d3ce5d66685ed8b71d81

  • SHA1

    d48e154210294f38e451c4cb0caae47f413fb797

  • SHA256

    3bda326c6b1ad00646748e106436af9558ac862789e6d6756a6e99dc49d02a6d

  • SHA512

    52a3b7efe6a355faef58721ed58b16d597d4fc0527b26298f41fce01422aaf1f8a194b2d653a1d627f981766cae9cc9d7534d7f6e5cd5ad8c860934f00e219c9

  • SSDEEP

    393216:Fr9FvZvbhUyd+Z7FWlK6YQAiItcB4Rtwdww+hn+1EWLf6azYB:FrzNVUyd48opzcB4RQ4+6Gf6azw

Score
10/10

Targets

    • Target

      adguardinstaller.exe

    • Size

      108KB

    • MD5

      d07b5064171e84847eee458e77e37f62

    • SHA1

      55ff55e6fb2562bf5af94af8771a305adc18193b

    • SHA256

      a0209ba6abe82695d24a32793252e9648c3596c071cc69d79d78e66184e59034

    • SHA512

      a5aa3c61ad4208147af9dcf5e1815d25feb894d71b26d35c14600d9f93d82d35d0f72d6149a4a03f6285e85f4371d5e1d0959bcb1fd1a2076aec1c9aa7b9e38a

    • SSDEEP

      1536:WRKgf7E5VID6GnP3uAT1ob7t1mKvKC+CO1+kworWx:Wg35m7nPeA8fmKvK9MkBrE

    Score
    10/10
    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Downloads MZ/PE file

    • Target

      privazer.exe

    • Size

      32.4MB

    • MD5

      7b23f5476db36e74eccfba5ca746511e

    • SHA1

      b7dd7c9a42784b0b7ccb3249d6e64d8548e23542

    • SHA256

      a62ca7f0091c735f76b5b76efb37ed110a17e8674c997e8fe52f3359b313e0cd

    • SHA512

      a12bac60eabb82693a18c430cf44d0ece5fe80a64e2b3e1b4b7cc1537b0e017496ad7b48bf4855331880c338c3944f7b321710d86ce883473c8ff096948985b8

    • SSDEEP

      393216:lDDxKbO/pghQF+XLw5bj6j+fJexU0Y/S54lygj0KxmHNrhAh6hIBhBwTXHNw8f03:7qYm5myVKAK7WXtwmg

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL
