General

  • Target

    f18bb1edd3ae7b63144e96132ce9aefb.bin

  • Size

    4.1MB

  • MD5

    03d004d53b58f5a5a7ed0198ef775ad6

  • SHA1

    52e190155c2aa462ae9b6bb8a9dc5ab0655a453a

  • SHA256

    89f9caea29343d0a92b7a2cf4c3d675fe36ed7559f1f5fb389d8ee616023d1da

  • SHA512

    c6e98dce3a583a71f3e2d07c65793ec278c5971985be16bb42945d17d674b4b5dd700d8921f052d3ffb19fa8604d6845126d291f40b37e9d5cf1ebaea7ef0cce

  • SSDEEP

    98304:n4X9G5TE4Pzu2OQdDqowkfHEDGdhpFUey3i15Z:nmYXrOmDqhahpTF5Z

Score
10/10

Signatures

  • Detect ZGRat V1 (1 IoC)
  • Zgrat family
  • .NET Reactor proctector (1 IoC)

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

Files

  • f18bb1edd3ae7b63144e96132ce9aefb.bin
    .zip

    Password: infected

  • 897b63dc56623c54120c95340a7e8c416786dbc18bb03dae3300ab2fd57e928a.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

