General

  • Target

    0FERTA_Y.EXE.exe.bin

  • Size

    202KB

  • MD5

    a9419910dc159e785f4f7d060b99703d

  • SHA1

    164c8c53881f9e65d19233c6b9eed1d0231e7cfb

  • SHA256

    56fe514e3ea3eda0569cf8b79741fe9ed9b391fe06f07b33d847ccdd7fda18ae

  • SHA512

    f8dad0c0825aab81f9ad4ca4d138b7e653181b3c4d9ad8162f99568ea55168b82265097afa8be8afc23ad571547647b32bf49f0247fbe14b67269e8144b80358

  • SSDEEP

    6144:tH6xBmSbrrTTCgb9/z2qBop/Nkt9Tdz/6R36:tAWgbdgp/NktrWR

Score
7/10

Malware Config

Signatures

  • .NET Reactor proctector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0FERTA_Y.EXE.exe.bin
    .exe windows x64


    Headers

    Sections