zgrat | 754665bf47eb34ae94027b2a65dbd4d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

754665bf47eb34ae94027b2a65dbd4d1
Size

124KB
MD5

754665bf47eb34ae94027b2a65dbd4d1
SHA1

aa314c641392fe989918141fe3d77931965ee56d
SHA256

391e63ccf274f43fcca7cc107e07f2dc459559b0598e22f1bc8960d332efc56f
SHA512

d2228c92aa65706a5e829eaf6f859cf7cd1643e9757dd86130bf8ac3d1abeb8985b26968e779014d8f4018df27ec5c2c4b51bdb33b80428ba4901eb7939d5c5b
SSDEEP

1536:Kh4OA5HVRgVnB6sRVzhj3Hvxc9VgWp0EIFxkyzRYiy5hxWQcNr41kKQ:VOA5H6B6WVZHvxYVgM0nV8WQCcY

Score

10^/10

zgrat

Malware Config

Signatures

Detect ZGRat V1 1 IoCs

resource	yara_rule
sample	family_zgrat_v1

Zgrat family
zgrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
754665bf47eb34ae94027b2a65dbd4d1

Files

754665bf47eb34ae94027b2a65dbd4d1
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ