General

  • Target

    7d45f223012f6339c9c995bc134f5efc13ab27432dd6257cf9e35b8279c5dce4

  • Size

    234KB

  • MD5

    ca58f13af15e08ff9da4e2dcefa97f57

  • SHA1

    5e66ba776113e03e883b0421afe953cd2f5fe6da

  • SHA256

    7d45f223012f6339c9c995bc134f5efc13ab27432dd6257cf9e35b8279c5dce4

  • SHA512

    5101c614cba870e6b31f413dab59c75801c385bcf74b9b5550919fff6c2c6137d43c63a9216f1b60795d0799b6f0493fd4fdb9623454d0b6eeb31b44406ecbd4

  • SSDEEP

    6144:stRqkC9DZM/Uo8gfun8DKlh+wBQ+7MHyIQ8+dR+6gL:stxeDm/J/fu8D0soQ+7t+V

Score
10/10

Malware Config

Signatures

  • Detect ZGRat V1 1 IoCs
  • Zgrat family
  • .NET Reactor proctector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 7d45f223012f6339c9c995bc134f5efc13ab27432dd6257cf9e35b8279c5dce4
    .zip

    Password: infected

  • a7dc35956fc09578f1804febef1b4d9f6aadb4f8f8c7d20e7287c724b0bbde4e.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

