General

  • Target

    31aeffb83c84e7d286b7f06d19582aac87694d84ef686b2bbeee8a8b0d2df5ac

  • Size

    6.1MB

  • MD5

    3a40b2594154d59d21181810e1a22cf4

  • SHA1

    58d8c8fec9d9ca9baac6835860504859ec8acd19

  • SHA256

    31aeffb83c84e7d286b7f06d19582aac87694d84ef686b2bbeee8a8b0d2df5ac

  • SHA512

    a37246a3cd11e2324fba60e0c099e0d144e15b50ea2c1ce265b091f56385e79b10b232aaadce80b4bee80ede05167412ae9549b246328addca39db78b84080a7

  • SSDEEP

    98304:LDTeG68/Nv7T40qjK96pQw1m5GG/Mul2rq/aReDkizMeQUDGs:LDv6QNTG+yW/Mul2rVe4iwVUDG

Score
10/10

Malware Config

Signatures

  • Detect ZGRat V1 1 IoCs
  • Zgrat family
  • .NET Reactor protector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 31aeffb83c84e7d286b7f06d19582aac87694d84ef686b2bbeee8a8b0d2df5ac
    .exe windows:4 windows x64 arch:x64

