General

  • Target

    046152a1cc9dce0b817bf2987f31513af1cc4decd5e908dc2238f8f82de30b03

  • Size

    234KB

  • MD5

    88d21b3078fcc873c1177f4b5b1e1c81

  • SHA1

    a2cac14af01e6a1500bc8eb51d9a7b8775704e05

  • SHA256

    046152a1cc9dce0b817bf2987f31513af1cc4decd5e908dc2238f8f82de30b03

  • SHA512

    f7d578f66060d1fa0d77e5662a5206846b993c3f5691323850036025b1e9b2892a385a2560cc4cbdf97b5dfd221c3c9080eab4bc474da5b9ec3a610a061ec6ef

  • SSDEEP

    6144:qQcfTOKh4vej1+Ez+NDipR7vS67o9GchNz:qQcbOKhwej1+n4JsMcH

Score
10/10

Signatures

  • Detect ZGRat V1 1 IoCs
  • Zgrat family
  • .NET Reactor protector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 046152a1cc9dce0b817bf2987f31513af1cc4decd5e908dc2238f8f82de30b03
    .zip

    Password: infected

  • a7dc35956fc09578f1804febef1b4d9f6aadb4f8f8c7d20e7287c724b0bbde4e.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

