zgrat | 8a7b0b6134c2afa9731ff94843b6d9ba0f16814e51cf2eb5f4f4f05cee8d393d | Triage

Submit
Reports

Overview

overview

Static

static

3

Protosmash...se.exe

windows10-2004-x64

Sharing

General

Target

ProtosmasherSynapse.exe
Size

1.6MB
Sample

240713-sajstsxdpd
MD5

888bef03ab9e16196a01db45ffa02fb0
SHA1

254cf7316858e2d7a8c90316cb2871f47bb84277
SHA256

8a7b0b6134c2afa9731ff94843b6d9ba0f16814e51cf2eb5f4f4f05cee8d393d
SHA512

df7a03d4b0ebd61e8e7f59ebfa3b60fd3b72b339d1806ec25abeab2118a5b59fa433a56b758019b278360be44000a63a6a030f53fc203ce9e54c229599519090
SSDEEP

24576:PxkkRrmrcdHzECs4y2OHvbuhZUTdLk1VM+q2fv3BrUIQxgcEQXwBNtrq:PxTBmCs2OPbTkPMYv3Br6ZDStm

Score

10^/10

zgrat rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ProtosmasherSynapse.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

11 signatures

1200 seconds

Malware Config

Targets

- Target
  
  ProtosmasherSynapse.exe
- Size
  
  1.6MB
- MD5
  
  888bef03ab9e16196a01db45ffa02fb0
- SHA1
  
  254cf7316858e2d7a8c90316cb2871f47bb84277
- SHA256
  
  8a7b0b6134c2afa9731ff94843b6d9ba0f16814e51cf2eb5f4f4f05cee8d393d
- SHA512
  
  df7a03d4b0ebd61e8e7f59ebfa3b60fd3b72b339d1806ec25abeab2118a5b59fa433a56b758019b278360be44000a63a6a030f53fc203ce9e54c229599519090
- SSDEEP
  
  24576:PxkkRrmrcdHzECs4y2OHvbuhZUTdLk1VM+q2fv3BrUIQxgcEQXwBNtrq:PxTBmCs2OPbTkPMYv3Br6ZDStm
Score

10^/10

zgrat rat
- Detect ZGRat V2
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy