General

  • Target

    freedom.v1.11.zip

  • Size

    829KB

  • MD5

    a7d697b99577a3ebdcac2e59002f67bd

  • SHA1

    9e0bcedab8be1d29803bb634da49c50e4b2f0b39

  • SHA256

    20609025c17c188b73fef9ef02e672440b96da91fafa994497d69d76ed017826

  • SHA512

    4f44a3563e29f2ef02419c8c7ca7cb7f75f4ed5a4c2a692e3c529b4c0640607a007e97f3b1a45b90736a6e53127115f059fa3f3625c307c2feadcd3d9057157f

  • SSDEEP

    12288:getQzYkySLrySF53a15Uf9hWEIksgHlhlz4AIwAF8FmIzi2C95N3yWBsxV5:Bt8YkyYi15UfHW7+Dswm8F2jNo3

Score
10/10

Malware Config

Signatures

  • Detect ZGRat V1 (1 IoC)
  • Zgrat family
  • Unsigned PE (4 IoCs)

    Checks for missing Authenticode signature.

Files

  • freedom.v1.11.zip
    .zip
  • freedom.v1.11/freedom/config.ini
  • freedom.v1.11/freedom/freedom.dll
    .dll windows:6 windows x86 arch:x86

    75f6f3ed730be5898bf39bf0bd5ad041



  • freedom.v1.11/freedom/freedom_injector.exe
    .exe windows:6 windows x86 arch:x86

    05974c57d14f042e3962ac5a068fd056



  • freedom.v1.11/freedom/prejit.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • freedom.v1.11/spoofer.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

