zgrat | 8339ee4145324c9e0d85585a18b01d3d7af819ef45201232663ce8dae5bde823

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
16-07-2024 03:36

Target

8339ee4145324c9e0d85585a18b01d3d7af819ef45201232663ce8dae5bde823.exe
Size

1.8MB
MD5

c76fcd0975a281141d629d07ab9baf7e
SHA1

9e66dbebe28e86e92933f1ec12cacc30950276e7
SHA256

8339ee4145324c9e0d85585a18b01d3d7af819ef45201232663ce8dae5bde823
SHA512

2da611cefe68011bed3a549dbb4e708fd9a5bd42feaa02c683c2263719df3b03c0360aa5a6ea8cfccd14cb9cbd4286aff3229b27d6ff47a0cea6e1994ba87aff
SSDEEP

24576:NJJVY2LnLUrHpRfZDx41Ft8RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRT:NPrnxpcefrCVMhtvd

Score

10^/10

zgrat rat

Detect ZGRat V2 2 IoCs

Processes:

resource	yara_rule
behavioral2/memory/4704-1-0x0000000000E30000-0x0000000000FF6000-memory.dmp	family_zgrat_v2
behavioral2/memory/4704-2-0x000000001BD60000-0x000000001BE3C000-memory.dmp	family_zgrat_v2

C:\Users\Admin\AppData\Local\Temp\8339ee4145324c9e0d85585a18b01d3d7af819ef45201232663ce8dae5bde823.exe
"C:\Users\Admin\AppData\Local\Temp\8339ee4145324c9e0d85585a18b01d3d7af819ef45201232663ce8dae5bde823.exe"
1⤵
PID:4704

memory/4704-0-0x00007FFB3E4C3000-0x00007FFB3E4C5000-memory.dmp

Filesize
8KB

Download
memory/4704-1-0x0000000000E30000-0x0000000000FF6000-memory.dmp

Filesize
1.8MB

Download
memory/4704-2-0x000000001BD60000-0x000000001BE3C000-memory.dmp

Filesize
880KB

Download
memory/4704-3-0x00007FFB3E4C0000-0x00007FFB3EF81000-memory.dmp

Filesize
10.8MB

Download
memory/4704-4-0x000000001BE40000-0x000000001BE6C000-memory.dmp

Filesize
176KB

Download
memory/4704-6-0x00007FFB3E4C0000-0x00007FFB3EF81000-memory.dmp

Filesize
10.8MB

Download