General

  • Target

    WinScp.exe

  • Size

    323KB

  • MD5

    1cff16414073e9bee180d323736ce07f

  • SHA1

    da80d0db2ca983b73a08bb53ec6f1db5222df25d

  • SHA256

    b6ed0abc84a0d8c92ab3f2218dba6b5a378613880aba5933fb67c934b399d30c

  • SHA512

    d45a97928f9268a6d177016b2ea1a66c114731b0b6d820ddcb4b82a6d547ad6e134d7bd0c76e42c5aaddf43999f792b1beb9fa8862c736699e0f3a1e3e6c87b4

  • SSDEEP

    6144:WSzceqjdZYcxOjkgQiadEdkv4PGGfTxxNtLr/iNLJss+cKT:7r8dZYqONagkwPGGfLLrK3l+cK

Score
10/10

Malware Config

Signatures

  • Detect ZGRat V1 (1 IoC)
  • Zgrat family
  • .NET Reactor protector (1 IoC)

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • WinScp.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

