General

  • Target

    3041b49bb9c1f42d84a72a6f814fdfd35c5c32b94c01dbda75a83af448d521ac

  • Size

    4.8MB

  • MD5

    f47d374df28096de5715bb81bf22e96b

  • SHA1

    53e7d96e0dd0c17dcdfa609bbf643563c2cddd6a

  • SHA256

    3041b49bb9c1f42d84a72a6f814fdfd35c5c32b94c01dbda75a83af448d521ac

  • SHA512

    8b93ed8e18e1afb3193c3b7c1752e37b657fd1183aac20a18a2ee6882954919cf84b11e418a471b1ba15804a8be57b41d91adc604112e6d677a5d9724ef24463

  • SSDEEP

    98304:/tUZP9vqcniqS3C7e8y4ypDK+7tG/Mul2rq/aReDkizMeQUOsI:/tcRNiqSk/ypD1E/Mul2rVe4iwVU

Score
10/10

Malware Config

Signatures

  • Detect ZGRat V1 1 IoCs
  • Zgrat family
  • .NET Reactor protector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3041b49bb9c1f42d84a72a6f814fdfd35c5c32b94c01dbda75a83af448d521ac
    .exe windows:4 windows x64 arch:x64

