zgrat | WinDir[.]exe

General

Target

WinDir.exe
Size

331KB
MD5

f2c3edacf7caf2d8c59ff660680a49cb
SHA1

167f4ae3a59b6e2e927e66a2c24b6a2971aec6e5
SHA256

33b845f4977885ba03d8de6bc260847dd0ec6dc9489a2da3071701b160a1ddec
SHA512

2d31895d9373c824a0a7baccab68c138e543af6d2b6997e8dac8cf4f4030c0b16536e355b63fddb3d9c995b76edaeb388845b0b22cda49b5320253b5856b8284
SSDEEP

6144:Eho6aAN4TLDw2DXCJhdhgf109EGD0Ju4p:d6vWHDrD32EGAhp

Score

10^/10

zgrat

Detect ZGRat V1 1 IoCs

resource	yara_rule
sample	family_zgrat_v1

.NET Reactor proctector 1 IoCs

Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

resource	yara_rule
sample	net_reactor

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
WinDir.exe