General

  • Target

    132ef1a933f9d26fb0bb46b0a970dbfe05ad8fe0859ece8eb973b5584a580cc3.zip

  • Size

    2.1MB

  • MD5

    dd67e11474fa72e97d78c8852641e9c9

  • SHA1

    d9ce7482dd3ed1f2c9ca3a6a1484c9c2e490b98f

  • SHA256

    7b98c1a55e4da595629c9d2f0b507a06fb0b576356d5621603040913b2e8a197

  • SHA512

    0e3c137728783b09d4b557c3834db514530c2c4735a7c76bca719de08848ee7810326c0e2d68b0c4069290efe5606d5e54c42cb49125baf56589fe350e8c7190

  • SSDEEP

    49152:ABB1lp4kFYRZ/tu/eJfLu03z88bW//c0S5eYEkHEoex3O:ABblp4kFM/tgUf6EbP0SHFVex3O

Score
10/10

Malware Config

Signatures

  • Detect ZGRat V1 (1 IoC)
  • Zgrat family
  • .NET Reactor protector (1 IoC)

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 132ef1a933f9d26fb0bb46b0a970dbfe05ad8fe0859ece8eb973b5584a580cc3.zip
    .zip

    Password: infected

  • 132ef1a933f9d26fb0bb46b0a970dbfe05ad8fe0859ece8eb973b5584a580cc3.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

