General
-
Target
ee9e7f2070f70631af332623a0c5d2b337fe225509a4efc52e5e77f9174e709b
-
Size
3.5MB
-
Sample
240514-ehzmcshh6v
-
MD5
57c35a58ecb435c7975af0d43f3d603b
-
SHA1
c7bb75bf3b93128ed53997301b8f2d94a49a9787
-
SHA256
ee9e7f2070f70631af332623a0c5d2b337fe225509a4efc52e5e77f9174e709b
-
SHA512
f186273b9b2bdafaa63b884dba5eb07def3a11582964e644b107b6d586cce5f8e324be298368313d1eface07d8f90a03017626a991251038342951cc81c90618
-
SSDEEP
98304:U3oPPSKkooFPSJWRp0rDDf221usZ2gz9OwY:UZK+JSBZ2gT
Malware Config
Targets
-
-
Target
ee9e7f2070f70631af332623a0c5d2b337fe225509a4efc52e5e77f9174e709b
-
Size
3.5MB
-
MD5
57c35a58ecb435c7975af0d43f3d603b
-
SHA1
c7bb75bf3b93128ed53997301b8f2d94a49a9787
-
SHA256
ee9e7f2070f70631af332623a0c5d2b337fe225509a4efc52e5e77f9174e709b
-
SHA512
f186273b9b2bdafaa63b884dba5eb07def3a11582964e644b107b6d586cce5f8e324be298368313d1eface07d8f90a03017626a991251038342951cc81c90618
-
SSDEEP
98304:U3oPPSKkooFPSJWRp0rDDf221usZ2gz9OwY:UZK+JSBZ2gT
Score10/10-
Detect ZGRat V1
-
ZGRat
ZGRat is remote access trojan written in C#.
-
Detects executables packed with unregistered version of .NET Reactor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-