Analysis
-
max time kernel
52s -
max time network
57s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
26-06-2024 06:38
General
-
Target
b2dcae12f858cc5a2ce79278d173a18af0bb3b6243daef5c756198fff242235f.exe
-
Size
1.9MB
-
MD5
2732e4ce3c15c2ba2bb30eda6e1440a4
-
SHA1
1872195b2c1b7c1baa12d4c2e452487c84d1d3fe
-
SHA256
b2dcae12f858cc5a2ce79278d173a18af0bb3b6243daef5c756198fff242235f
-
SHA512
ec4cfaf56390319595c7d9a33f7d9befce0e6f193e5e90d08b2e63b9890e7198868ff58d3ce8389e0b50a88743c830f5b26c641db6aaef3a498bdbaea0ad400a
-
SSDEEP
24576:IiS2LnLUrHpRfZDx41Ft8RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRo:IenlyShMoe/VSgavHqlT5
Score
10/10
Malware Config
Signatures
-
Detect ZGRat V2 2 IoCs
-
ZGRat
ZGRat is remote access trojan written in C#.
Processes
-
C:\Users\Admin\AppData\Local\Temp\b2dcae12f858cc5a2ce79278d173a18af0bb3b6243daef5c756198fff242235f.exe"C:\Users\Admin\AppData\Local\Temp\b2dcae12f858cc5a2ce79278d173a18af0bb3b6243daef5c756198fff242235f.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1816-0-0x0000000074B2E000-0x0000000074B2F000-memory.dmpFilesize
4KB
-
memory/1816-1-0x0000000000360000-0x0000000000548000-memory.dmpFilesize
1.9MB
-
memory/1816-2-0x00000000056A0000-0x0000000005C44000-memory.dmpFilesize
5.6MB
-
memory/1816-4-0x0000000074B20000-0x00000000752D0000-memory.dmpFilesize
7.7MB
-
memory/1816-3-0x0000000005000000-0x0000000005092000-memory.dmpFilesize
584KB
-
memory/1816-5-0x00000000051F0000-0x00000000052CC000-memory.dmpFilesize
880KB
-
memory/1816-6-0x00000000050A0000-0x00000000050CC000-memory.dmpFilesize
176KB
-
memory/1816-7-0x00000000053C0000-0x0000000005426000-memory.dmpFilesize
408KB
-
memory/1816-9-0x0000000074B20000-0x00000000752D0000-memory.dmpFilesize
7.7MB