Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20231129-en
Target
file.exe
Size
5.9MB
MD5
d21ebfa5e971bb5293c9de7a404792a1
SHA1
850cae6b28d100738547f8a86889d71ff5289073
SHA256
cb49adf3033abe1d446541a2b216b7cc9f50cd74494ec7d78dd365c952d3487b
SHA512
2fe8f296117e70a05fa24f0be9250fff84af339eed1bfe46d1c218a0210324b9e0f77ddaf6ad518eca8370fc3023238f7fa13f483f30c545c10fc2e02f973a6f
SSDEEP
49152:VdFCDWU2GG8XKQ3/cdt4osAZo5+cSAsAUSNlLOg/L1Jf2jTiQ/VoJu4E9/+j9Z29:VnCDL2uKecbO4ihsAUoDjj233NmmcPK7
resource | yara_rule |
---|---|
sample | family_zgrat_v1 |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
sevengroundpadparty.pdb
_CorExeMain
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ