Overview

overview

10

Static

static

10

f5678aaa37...18.exe

windows7-x64

10

f5678aaa37...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    f5678aaa3769a6487675dfbd8b59ee04_JaffaCakes118

  • Size

    817KB

  • MD5

    f5678aaa3769a6487675dfbd8b59ee04

  • SHA1

    7cb5b116566af1bc41c5c8d35746e18b80b47580

  • SHA256

    a2ad2a855023fc88e85f8cd8776a391cb402af2d896adf13d1fb7d25adf556ed

  • SHA512

    2ce84ad14c1810ac76ffa25a778c31e756bd0dcc2bdec3e88b1f271d019e073d9688cb8870e9d65f4c674c1a5278dd415f0171f405ae1013634a6df82d44ad09

  • SSDEEP

    12288:151U2fsF4BQ5Gchzv6mpTIA7zVfB1zJQIgztL2qD:nl2GOGmKA7zVfX1QZZh

Score
10/10
vmprotectzgrat

Malware Config

Signatures

  • Detect ZGRat V1 1 IoCs
  • Zgrat family
    zgrat
  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f5678aaa3769a6487675dfbd8b59ee04_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections