Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.BackdoorX-gen.8143.11752.exe
Resource
win7-20231130-en
Target
SecuriteInfo.com.Win32.BackdoorX-gen.8143.11752.exe
Size
491KB
MD5
cf6654ec7258d2744dcea46ec3f81979
SHA1
c00af1633ea38c461ac317032b2c19164dac7833
SHA256
bc80c5069467c4a25ca3dc0bce0f3d4dfa5f7bf2e8ce3011386b0c94cc14ac0d
SHA512
97dd9d67ffd9a31960f5d154894a9ec9c23c305e903f55f39ad731153d1375e3ea387d2cd62f1aadc4b640a16fcc971cfec908b4b13f5ca4d2dd1aaefe3f1bf4
SSDEEP
3072:aceP1R+NtU3APx63SjRDs7y1+fE+ANLhbik0s3DbgYMo8c:a50tU3+63Y+7y1NphbbH4Yz
resource | yara_rule |
---|---|
sample | family_zgrat_v1 |
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
_CorExeMain
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ