zgrat | 8339ee4145324c9e0d85585a18b01d3d7af819ef45201232663ce8dae5bde823

Analysis

max time kernel
117s
max time network
119s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
16/07/2024, 03:36

Target

8339ee4145324c9e0d85585a18b01d3d7af819ef45201232663ce8dae5bde823.exe
Size

1.8MB
MD5

c76fcd0975a281141d629d07ab9baf7e
SHA1

9e66dbebe28e86e92933f1ec12cacc30950276e7
SHA256

8339ee4145324c9e0d85585a18b01d3d7af819ef45201232663ce8dae5bde823
SHA512

2da611cefe68011bed3a549dbb4e708fd9a5bd42feaa02c683c2263719df3b03c0360aa5a6ea8cfccd14cb9cbd4286aff3229b27d6ff47a0cea6e1994ba87aff
SSDEEP

24576:NJJVY2LnLUrHpRfZDx41Ft8RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRT:NPrnxpcefrCVMhtvd

Score

10^/10

zgrat rat

Detect ZGRat V2 2 IoCs

resource	yara_rule
behavioral1/memory/2668-1-0x00000000008F0000-0x0000000000AB6000-memory.dmp	family_zgrat_v2
behavioral1/memory/2668-3-0x000000001B1D0000-0x000000001B2AC000-memory.dmp	family_zgrat_v2

C:\Users\Admin\AppData\Local\Temp\8339ee4145324c9e0d85585a18b01d3d7af819ef45201232663ce8dae5bde823.exe
"C:\Users\Admin\AppData\Local\Temp\8339ee4145324c9e0d85585a18b01d3d7af819ef45201232663ce8dae5bde823.exe"
1⤵
PID:2668

memory/2668-0-0x000007FEF5543000-0x000007FEF5544000-memory.dmp

Filesize
4KB

Download
memory/2668-1-0x00000000008F0000-0x0000000000AB6000-memory.dmp

Filesize
1.8MB

Download
memory/2668-2-0x000007FEF5540000-0x000007FEF5F2C000-memory.dmp

Filesize
9.9MB

Download
memory/2668-3-0x000000001B1D0000-0x000000001B2AC000-memory.dmp

Filesize
880KB

Download
memory/2668-4-0x0000000000410000-0x000000000043C000-memory.dmp

Filesize
176KB

Download
memory/2668-5-0x000007FEF5540000-0x000007FEF5F2C000-memory.dmp

Filesize
9.9MB

Download