win.zgrat (Back to overview)


zgRAT is a Remote Access Trojan malware which sometimes drops other malware such as AgentTesla malware. zgRAT has an inforstealer use which targets browser information and cryptowallets.
Usually spreads by USB or phishing emails with -zip/-lnk/.bat/.xlsx attachments and so on.

2023-02-03CloudsekDeepanjli Paulraj, Pavan Karthick M
Threat Actors Abuse AI-Generated Youtube Videos to Spread Stealer Malware
Alfonso Stealer Bandit Stealer Cameleon Fabookie Lumma Stealer Nanocore RAT Panda Stealer RecordBreaker RedLine Stealer Stealc STOP Vidar zgRAT
2023-01-16Difesa & SicurezzaFrancesco Bussoletti
Cybercrime, RFQ from Turkey carries AgentTesla and zgRAT
Agent Tesla zgRAT
Trellix Insights: SmokeLoader Exploits Old Vulnerabilities to Drop zgRAT
SmokeLoader zgRAT
2022-08-08FortinetJames Slaughter
Life After Death - SmokeLoader Continues to Haunt Using Old Vulnerabilities
SmokeLoader zgRAT
zgRAT malware samples

There is no Yara-Signature yet.