General
-
Target
tmp
-
Size
8.4MB
-
MD5
b8c67a670a12b9c637e8d1a2d081143d
-
SHA1
8776248ccf67702157f4f687fd2f758552193276
-
SHA256
802cfbde432429db1ca6c7d4165a1ae120a94236b094b22fc1303c6284f6512a
-
SHA512
3702bbec84d6229109a19631f8211fc10633ebf95ddeaaad35e0d4c9d21d7bd6eca292c0e19972f0763ca73b8ab74c095dbe3eaeb6a38abfd013c7565841eaac
-
SSDEEP
49152:Vw3JZxtqglDaDW6QCdevvoKOXGp8mih7NUfXUu4tEqNrqcqapPeDkwVzMemuYTwb:CZZqma5G/Mul2rq/aReDkizMeQU
Score
10/10
Malware Config
Signatures
-
Detect ZGRat V1 1 IoCs
-
Zgrat family
-
.NET Reactor proctector 1 IoCs
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
tmp
Headers
Sections