General

  • Target

    132ef1a933f9d26fb0bb46b0a970dbfe05ad8fe0859ece8eb973b5584a580cc3.zip

  • Size

    2.1MB

  • MD5

    310a7f58d56127b65325142b751fbc3b

  • SHA1

    d509be58124e87096ea41571673be00861d6b7ea

  • SHA256

    550f4fb2c136dd735605c0b81243a8350410e904eb423ae1c1b60aee8e41eec6

  • SHA512

    de236dbe97c6e1540b9f68f80da2277e65efd09f2f7a3dea9b915cb3f2f01a03462e32489bd3d552b668e8e4d2255d303c58c649516742b8d3908619de2f93cb

  • SSDEEP

    49152:vGOvhQIHxY6b6RRrvwnnMVKQZN1D7JP2D9/nd5t6KZn:HOIRBb63e0l1D7JOD9fd3nn

Score
10/10

Malware Config

Signatures

  • Detect ZGRat V1 (1 IoC)
  • Zgrat family
  • .NET Reactor protector (1 IoC)

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 132ef1a933f9d26fb0bb46b0a970dbfe05ad8fe0859ece8eb973b5584a580cc3.zip
    .zip

    Password: infected

  • 132ef1a933f9d26fb0bb46b0a970dbfe05ad8fe0859ece8eb973b5584a580cc3.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

