Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Behavioral task
behavioral1
Sample
95e15b50e1e8de17a0537512e7d84d479ab888ab75c314f73bda0ca764923861.exe
Resource
win7-20231215-en
Target
ee2ed8135a09d3af5737b39de0340ce4.bin
Size
3.7MB
MD5
1944cfe1910814fda86652b9ff356b78
SHA1
0e6c3e04360336e1ea81eeb7afd16290a2fd983d
SHA256
ebd3108383aee58b939fea1a7017ac5a9cd672a6c10efc03ba28c7f35322ac4d
SHA512
6ddb07180e9d1f30f7eeedad927e7226acd4434b58088f0b0ff80128c9739da458bce83cc220378de30e7da6dc3e47a0b481380d35c04169a9a64d0eec8229b5
SSDEEP
98304:7ob8EujdbcW8/5HKQIYUKmjv1E5jge+WfI:7BECdbcWQq7Yr28jX3fI
resource | yara_rule |
---|---|
static1/unpack001/95e15b50e1e8de17a0537512e7d84d479ab888ab75c314f73bda0ca764923861.exe | family_zgrat_v1 |
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
resource | yara_rule |
---|---|
static1/unpack001/95e15b50e1e8de17a0537512e7d84d479ab888ab75c314f73bda0ca764923861.exe | net_reactor |
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
_CorExeMain
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ