General
-
Target
MemReduct.exe
-
Size
1.7MB
-
Sample
240420-fkf4gahh4w
-
MD5
05e117e10be7268e011ce46b1c237586
-
SHA1
ccdf4f3954f53a0e4e4b4a5be16a57bd1dda222b
-
SHA256
c850889430ed8e233aa903dd3f7326bfb68e8bcdc8974206434d2ba0e03b0746
-
SHA512
f18ab5c41f84327be2fb846c90a3b0709d06c770f9cdf00905e7ce821f62eba08ba1ecb05292221ac61e31333c27f3861aa08007b6cff0632c795616331891e5
-
SSDEEP
24576:jzUcZU9B2c8hxJMmJI0WNRiKk014hMVVFQIECZXkSmG0LB5Unxo+N8ufF:099Z6JMmJI0WNRiz0dzuIEwAG0/6o+t
Malware Config
Targets
-
-
Target
MemReduct.exe
-
Size
1.7MB
-
MD5
05e117e10be7268e011ce46b1c237586
-
SHA1
ccdf4f3954f53a0e4e4b4a5be16a57bd1dda222b
-
SHA256
c850889430ed8e233aa903dd3f7326bfb68e8bcdc8974206434d2ba0e03b0746
-
SHA512
f18ab5c41f84327be2fb846c90a3b0709d06c770f9cdf00905e7ce821f62eba08ba1ecb05292221ac61e31333c27f3861aa08007b6cff0632c795616331891e5
-
SSDEEP
24576:jzUcZU9B2c8hxJMmJI0WNRiKk014hMVVFQIECZXkSmG0LB5Unxo+N8ufF:099Z6JMmJI0WNRiz0dzuIEwAG0/6o+t
-
Detect ZGRat V1
-
Modifies security service
-
.NET Reactor proctector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-