Overview

overview

10

Static

static

10

33b845f497...ec.exe

windows7-x64

10

33b845f497...ec.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    e197f692ef58ab53971cf5e5a81659287286a2452b5fdbab7cb92c0a51d78dff

  • Size

    151KB

  • MD5

    f958ef95e8baa08fb8e6b7ef92970eb2

  • SHA1

    51cb6114ca2b8210c6c38829e0064ad0760e8d81

  • SHA256

    e197f692ef58ab53971cf5e5a81659287286a2452b5fdbab7cb92c0a51d78dff

  • SHA512

    b6cdb2171bf3a94380a8148b90e0aa01007335b9f4b4e50709372a342464c5ba513bb03791933cf5c040db6b62b7ea9f5261fe0a4aa8ab0b20cea3ce110f53f0

  • SSDEEP

    3072:t65s9H1ux3xX3K0enh2mNS9bhSjFm5qtl5kqy4N9Y3y0Q3q+:CUHoBK0EhvwhShm5qB979YiRp

Score
10/10
zgrat

Malware Config

Signatures

  • Detect ZGRat V1 1 IoCs
  • Zgrat family
    zgrat
  • .NET Reactor proctector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • e197f692ef58ab53971cf5e5a81659287286a2452b5fdbab7cb92c0a51d78dff
    .zip

    Password: infected

  • 33b845f4977885ba03d8de6bc260847dd0ec6dc9489a2da3071701b160a1ddec.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections