General

  • Target

    0c4bb973e88e0b22652b833aa25f9aae.bin

  • Size

    2.8MB

  • MD5

    82058e54aea90b4f514f374ddb9fa41f

  • SHA1

    141d5e25990296a222c82672e63513814d12d338

  • SHA256

    a75172ac4c7c3489156ce62a882bd9fa634b0a3e1204f10d3c19550cd6baf636

  • SHA512

    f9b0220fb88c24f0de9893bf89301bc524306124547544c1e86fc7d1c341e02df3724c0de45773e0e21f68b7e92f29bf425d7df9b825baeb421f8b3409f4c834

  • SSDEEP

    49152:F9T78RBWtEd8PxHT/n4XjnJQGxk0Nf2fnpYLTmDLppNj9dj21w6dfaMxR1tHEZGO:FxaWtEdKxHT/n4jJtNePWLUfZ7KldSIu

Score
10/10

Malware Config

Signatures

  • Detect ZGRat V1 (1 IoC)
  • Zgrat family
  • .NET Reactor protector (1 IoC)

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0c4bb973e88e0b22652b833aa25f9aae.bin
    .zip

    Password: infected

  • 7b3c1e60932c652fc591de285279cbdfb7292b54899842ea5c627fedc7cee8ab.exe
    .exe windows:4 windows x64 arch:x64

    Password: infected
