Sample name: | 172805101440ffea594d2599248d0f2d382d177349a402c86175ffd9e7d67d9c283869c709601.dat-decoded.exe |
Analysis ID: | 1525923 |
MD5: | ac7836d93953a3aaa764d9d212fa1650 |
SHA1: | 69d7e8144c94794e2c15ac50b0fe01fbde694ba7 |
SHA256: | 9d0ccbd6be0eda127dd9ff110d46b4a0dcc192a2832221784ee8d0cb9d80598a |
Tags: | base64-decoded, exe, user-abuse_ch |
Score: | 76 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
zgRAT | zgRAT is a Remote Access Trojan that sometimes drops other malware such as AgentTesla. It also has infostealer functionality that targets browser information and cryptowallets. It usually spreads by USB or phishing emails with .zip/.lnk/.bat/.xlsx attachments and so on. | No Attribution |
|
AV Detection |
---|
Source: |
ReversingLabs: |
Source: |
Joe Sandbox ML: |
Source: |
Static PE information: |
Source: |
Static PE information: |
System Summary |
---|
Source: |
Matched rule: |
Source: |
Static PE information: |
Source: |
Binary or memory string: |
Source: |
Static PE information: |
Source: |
Matched rule: |
Source: |
Classification label: |
Source: |
Static PE information: |
Source: |
Static file information: |
Source: |
ReversingLabs: |
Source: |
Static PE information: |
Source: |
Static file information: |
Source: |
Static PE information: |
Source: |
Static PE information: |
Stealing of Sensitive Information |
---|
Source: |
File source: |
Source: |
File source: |
Remote Access Functionality |
---|
Source: |
File source: |
Source: |
File source: |
No Screenshots