zgrat | 3c588c321a646a2d7192343d0dd762a5b557e1b99abad72bc913350baa71c2c4

General

Target

3c588c321a646a2d7192343d0dd762a5b557e1b99abad72bc913350baa71c2c4
Size

5.9MB
MD5

64914887fc55f9b082465c6ee0a99cba
SHA1

e91d4c35758244f3c409f0b70f86504034f16439
SHA256

3c588c321a646a2d7192343d0dd762a5b557e1b99abad72bc913350baa71c2c4
SHA512

1d91fc2680719ad7640c8e073a2828118ef8f0791b1e89a8195d5a4382949c6cb3e5b6e7d5fd365d48bb17e845aa5cbce6fd4197149ad887561820c3309267fd
SSDEEP

49152:DQgEWskry1mFC2LNcWfGmsQZ0Wf8f8QlWuWzVjnpXGp8mih7NUfXUu4tEqNrqcqJ:DQgEWskxUUfG/Mul2rq/aReDkizMeQU

Score

10^/10

zgrat

Detect ZGRat V1 1 IoCs

resource	yara_rule
sample	family_zgrat_v1

.NET Reactor proctector 1 IoCs

Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

resource	yara_rule
sample	net_reactor

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c588c321a646a2d7192343d0dd762a5b557e1b99abad72bc913350baa71c2c4