General

  • Target

    cae49b754cd4f40f428eaa78ceeef195.bin

  • Size

    3.6MB

  • MD5

    a401d0ebe91c82f07e16f3080770d10a

  • SHA1

    5b482aee49c2e2b4889a75533bdcab2f6bed3767

  • SHA256

    1e56543d09770766eb72db3065d71c07b89127507419263dd4f2f0cf2573dde2

  • SHA512

    aa5c4208a9c92597c15eedf9653c57c1ce35232aea768402c0bfd3424217176bd57a08510821383e1bddebfd95962f7e887caae2d042ad6c211f8265fcca387f

  • SSDEEP

    98304:c/y4pR9j0J1/vcnR858rrpG4tuhVOwQsW8Nr:c/y4l21s+qrrEs4VvWWr

Score
10/10

Malware Config

Signatures

  • Detect ZGRat V1 1 IoCs
  • Zgrat family
  • .NET Reactor proctector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

Files

  • cae49b754cd4f40f428eaa78ceeef195.bin
    .zip

    Password: infected

  • 493807123c2e449d0dcfdbd3443d083aef30a6aaea42381290572bab06090c0b.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections