Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Behavioral task
behavioral1
Sample
70671ed6e68e7bfb68ffdff32fa8398c.exe
Resource
win7-20231215-en
Target
70671ed6e68e7bfb68ffdff32fa8398c
Size
190KB
MD5
70671ed6e68e7bfb68ffdff32fa8398c
SHA1
8ba4addeffe327e7d74c9f1729e542b657d6f549
SHA256
a64aa3b2c9da5f3aa5962fc3412d9ff20f225d84c1fd0c633e7b66948c8ead76
SHA512
0cff8adf3e2e7750ed3e6f136db88c0572dc7b5f29b363fe6671fa70a5b8cc8b1cdecb647b002db9402045641932c4fe6aa3883570faea6749db9665b5a09db9
SSDEEP
3072:piW2NY2qvIhxJ36f1yR4S2Hk10DtKy3BFnqEfyutNr:pBIR68R4ZaU/BFvzF
resource | yara_rule |
---|---|
sample | family_zgrat_v1 |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
_CorExeMain
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ