General

  • Target

    cc4864a25a305759921b73d753116873493f2c526a396839d4da6815492299d8.zip

  • Size

    765KB

  • MD5

    fd8d78b8673fa0e4f2e1dd6b1a9a3f0b

  • SHA1

    086662c027a227ef7ba02ad72cd27d55c11d49ea

  • SHA256

    b4b0c2a4f88930c7a9de40fd273784aab7ee166b26aea6b973a7e0be86153891

  • SHA512

    b497c4362590a581ee5c3585eb16dece070a9fa93e699e4369158e0fa957054e94f40d235d21cefbb795abe32b1458ae1982feee2a689d0420569c1fb78305a8

  • SSDEEP

    12288:85zi0yw80XEx4tIGGiol2tvDBoOPhAsHEMwGZJzqYA+nXLyANHClJOQhmRMEkjpN:85SbmNvDBDhAMDZoWV8DODxklFXsNsN

Score
10/10
r77

Malware Config

Signatures

  • R77 family
  • r77 rootkit payload 1 IoCs

    Detects the payload of the r77 rootkit.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • cc4864a25a305759921b73d753116873493f2c526a396839d4da6815492299d8.zip
    .zip

    Password: infected

  • cc4864a25a305759921b73d753116873493f2c526a396839d4da6815492299d8.exe
    .exe windows x64

    Password: infected

    9b2d965b423ace685c16b9ae081246f7

