General

  • Target

    1f20ce2890f5376a4fffd0d357991c4ce6cde3068886637195799230d48556a8

  • Size

    4.6MB

  • MD5

    b57a830d7f92cca4b07d9d44d38dbf75

  • SHA1

    59463e1bba8858f0b771321a0f8497271db5ad6d

  • SHA256

    1f20ce2890f5376a4fffd0d357991c4ce6cde3068886637195799230d48556a8

  • SHA512

    9f8bba8a5b08910e81c4741344a7c63ea782ea4157234ff818e58e659fc7ca9e141d99864f3e687064ba1be0a5dc76c340043dffc94be134fd9e1653df02d46b

  • SSDEEP

    98304:xF4JpDN4nH4WvLp9OZQiDwuHbfNJS+POReJumF0tj24qw6qYSjCveteB:PwpDN4YGd90Q85bfNJS+POk50tq4qw6b

Score
10/10

Malware Config

Signatures

  • Detect ZGRat V1 (1 IoC)
  • Zgrat family
  • VMProtect packed file (1 IoC)

    Detects executables packed with VMProtect commercial packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1f20ce2890f5376a4fffd0d357991c4ce6cde3068886637195799230d48556a8
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

