Resubmissions

08-09-2024 21:25

240908-z94qlsydkd 7

01-09-2024 03:28

240901-d1bgtazgqr 7

20-08-2024 00:24

240820-ap5pqsxgpl 7

31-07-2024 23:45

240731-3r53hazcqq 7

21-07-2024 05:34

240721-f9jwnavekb 7

19-07-2024 11:42

240719-nvdebsseqe 7

15-07-2024 02:08

240715-ckmpgatall 7

12-07-2024 03:13

240712-dqsncawemk 7

10-07-2024 03:52

240710-efav8avfkr 7

10-07-2024 03:26

240710-dzd7bawbpf 7

General

  • Target

    iplookup.exe

  • Size

    2.1MB

  • Sample

    240515-azn5qsgh86

  • MD5

    cb4903c1c4f23b021905da634c002f04

  • SHA1

    c2ccf3a1e5037c6e540b94a59e2c367ba8cd9090

  • SHA256

    49945b5eb3f80e6bb9dba81c6c6f643245bb0831ce2f6e5abf4db12ab6709b76

  • SHA512

    7f632331ba7f2fdd3c76f7f158a1cd6e79be796f2dc9f9149b7a071bb77b35fc4f0c6f189a8179eaf4947533513a3f926c879c50c8cf6cb13abdd424113f48fa

  • SSDEEP

    49152:PFkR/VWoA1QfIBoq2Pkbu5Gk6hQW/3f2V1mPzidqz/CIaB2w:NkR/VMCGvj/vYkP9aB

Score
10/10

Malware Config

Targets

    • Target

      iplookup.exe

    • Size

      2.1MB

    • MD5

      cb4903c1c4f23b021905da634c002f04

    • SHA1

      c2ccf3a1e5037c6e540b94a59e2c367ba8cd9090

    • SHA256

      49945b5eb3f80e6bb9dba81c6c6f643245bb0831ce2f6e5abf4db12ab6709b76

    • SHA512

      7f632331ba7f2fdd3c76f7f158a1cd6e79be796f2dc9f9149b7a071bb77b35fc4f0c6f189a8179eaf4947533513a3f926c879c50c8cf6cb13abdd424113f48fa

    • SSDEEP

      49152:PFkR/VWoA1QfIBoq2Pkbu5Gk6hQW/3f2V1mPzidqz/CIaB2w:NkR/VMCGvj/vYkP9aB

    Score
    10/10
    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

    • .NET Reactor proctector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

MITRE ATT&CK Matrix

Tasks