General
Target: Horizon Launcher V2.exe
Size: 5.7MB
MD5: 323b32366e04a15779e18af807093747
SHA1: 38b8f956325d4976c33928ab4c79b0be6c6d87de
SHA256: 17e44fc9e1764be2ba4f98af60aae9a6f35cf3155eb327a865c1e3dcca108f7a
SHA512: 241b750ab3ced71f2556981223a13930140eb3f507b7fdb084315cb2711658ce36c7674e8fcbee864d6683eff0f6b25856698d8407de3567f6e6467ccbb84fe0
SSDEEP: 98304:FHVaKxb/Tn1l/JAF9PgT84xagEsjXw9/gKwGRmdnzVMcXLCpCG7:zaKxrTrJAjgT88gsGRMVMcbC
Malware Config
Signatures
Detect ZGRat V1 1 IoCs
resource yara_rule sample family_zgrat_v1
Zgrat family
.NET Reactor protector 1 IoCs
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
resource yara_rule sample net_reactor
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Horizon Launcher V2.exe
Files
Horizon Launcher V2.exe.exe windows:4 windows x86
Password: 123
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 5.7MB - Virtual size: 5.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ