zgrat | client[.]exe

General

Target

client.exe
Size

1.7MB
MD5

4d17a995f82d16cb125e86620aea1c07
SHA1

2620061898cfd5ff7b8ad92c0aa8f1ebf1ba492f
SHA256

c99346c06f18e8b52d4b3ff3bb306b577f310943e4bc00d001dd6b37c44506bc
SHA512

c2ac6bfbd1f239c09a98a96e92776ab699073196e485485b469ccd230bf5f3d75fbc74c9ed1a492dc88c9b68109b32016265ced478cc1333e8e7f8e401f9f47d
SSDEEP

24576:fpF2RUxV5h+/OxuV9q9D3e7c/Ge33kWbT7B+eraIbzHbBr/jb2xMEVgMR6UBzrV:fhMc+e3RbfB+erawD9Pb2gMR6OP

Score

10^/10

zgrat

Detect ZGRat V1 1 IoCs

resource	yara_rule
sample	family_zgrat_v1

.NET Reactor proctector 1 IoCs

Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

resource	yara_rule
sample	net_reactor

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
client.exe