zgrat | 3f352445c521895812735acebb5f944cd1e88024cade5b201c562166619ffc9f | Triage

Submit
Reports

Overview

overview

Static

static

3

3f352445c5...9f.exe

windows7-x64

3f352445c5...9f.exe

windows10-2004-x64

Sharing

General

Target

3f352445c521895812735acebb5f944cd1e88024cade5b201c562166619ffc9f.exe
Size

594KB
Sample

240514-qyta3ahd6z
MD5

f5fe6435df7702338b1320b55f96caa4
SHA1

fab2bbc6e43cc01217673b2753e223099c3c297f
SHA256

3f352445c521895812735acebb5f944cd1e88024cade5b201c562166619ffc9f
SHA512

4c355979435dc7519c4e4ee1a9ff6ad4be9cabcaa6b376473b039fcd785837689f16662e680b196f2b74ec689ff894175a2892206f1883e6e22ca89a292a6fab
SSDEEP

12288:Ta+kA8UkbVvyhzR8OQtgR64Hh4oPRSviJFwuHnOr387dPex:FFgkh21gR3JSviJFbnOz87dPe

Score

10^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3f352445c521895812735acebb5f944cd1e88024cade5b201c562166619ffc9f.exe

Resource

win7-20240220-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

3f352445c521895812735acebb5f944cd1e88024cade5b201c562166619ffc9f.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  3f352445c521895812735acebb5f944cd1e88024cade5b201c562166619ffc9f.exe
- Size
  
  594KB
- MD5
  
  f5fe6435df7702338b1320b55f96caa4
- SHA1
  
  fab2bbc6e43cc01217673b2753e223099c3c297f
- SHA256
  
  3f352445c521895812735acebb5f944cd1e88024cade5b201c562166619ffc9f
- SHA512
  
  4c355979435dc7519c4e4ee1a9ff6ad4be9cabcaa6b376473b039fcd785837689f16662e680b196f2b74ec689ff894175a2892206f1883e6e22ca89a292a6fab
- SSDEEP
  
  12288:Ta+kA8UkbVvyhzR8OQtgR64Hh4oPRSviJFwuHnOr387dPex:FFgkh21gR3JSviJFbnOz87dPe
Score

10^/10

zgrat rat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy