General

  • Target

    a7dc35956fc09578f1804febef1b4d9f6aadb4f8f8c7d20e7287c724b0bbde4e.exe

  • Size

    509KB

  • MD5

    bdc7791cfc256510201b14f875fdb94f

  • SHA1

    9b75ef8a67b412122e03a8209c5d46ea5a8cd957

  • SHA256

    a7dc35956fc09578f1804febef1b4d9f6aadb4f8f8c7d20e7287c724b0bbde4e

  • SHA512

    fd4493f68453a970c0a15f630060c5fef9809ed62bf95ec9e1f67d8f45582b7f274e870f3b311d7c877f1395a9a9f2789d2715ae93026baeeccd89e9e3331672

  • SSDEEP

    12288:nLCBQgE8q6DRsy/PHgnwbrw8mKk27Z2K5eVPYsCPl29siiWT:nSf+sET

Score
10/10

Malware Config

Signatures

  • Detect ZGRat V1 (1 IoC)
  • Detects executables packed with unregistered version of .NET Reactor (1 IoC)
  • Zgrat family
  • .NET Reactor proctector (1 IoC)

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • a7dc35956fc09578f1804febef1b4d9f6aadb4f8f8c7d20e7287c724b0bbde4e.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

