General

  • Target

    56f465f72c1d03714aa6cedadcee54f1.exe

  • Size

    3.8MB

  • MD5

    56f465f72c1d03714aa6cedadcee54f1

  • SHA1

    15c128e34eba74fc9d49333eec77a9af8dbf2b35

  • SHA256

    f3dce07ef36310e3d43a014c12c02312797d1d1b42c841089e5f02b5a0165780

  • SHA512

    ea324c6d06448f1ef487cb597985280b8c57ab93ca4dca358961a5f2f0085ea833091fbe704b954003eca093aeb32a71dd07a4abe3e01ebdf14dacc4d8800d26

  • SSDEEP

    49152:IrJtPEr7HuX1vWGgSppA3tfae4atH3Imc74mPbA30f6nty:IrJtPE+XjZy5tXlc7RPbbgy

Score
10/10

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Detect ZGRat V1 1 IoCs
  • Zgrat family
  • .NET Reactor protector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 56f465f72c1d03714aa6cedadcee54f1.exe
    .exe windows:4 windows x86 arch:x86

