Malicious
[Base64-Block]
PE Executable | MD5: c3b65f1cfb94b2bf0d7a1174e17fb287 | Size: 1.57 MB | application/x-msdownload
PE Executable
MD5: c3b65f1cfb94b2bf0d7a1174e17fb287
Size: 1.57 MB
application/x-msdownload
RAT
zgRAT
Executable
PE (Portable Executable)
Win 32 Exe
x86
.Net Obfuscator
.Net Reactor
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | c3b65f1cfb94b2bf0d7a1174e17fb287
|
| Sha1 | 957c99d82c353ac236fff663069d9f1526dcf91a
|
| Sha256 | a996820cb822991e67157df2cf3c506845937de58e31eef0daa8c116e0e61e9d
|
| Sha384 | 6201983c8d21f8b49b82c6bccd1f28a93ffb0ecd2fb4263e3949045190fbc0a29b17d2abf565a844ad9c4e928935141a
|
| Sha512 | 1c1910d8502c23647753aeca07e142135fd0250ce8814813984d96bcc5c97b563e15a0bcf5262d2ab9875e0e5b0f3664b9940039b712ead9abb2ac37daba4a74
|
| SSDeep | 24576:Fjs7+F5pGKcQW7WT5wrQ8dNB88gXO3XwqTIdISjyIapHlz/WzVK:FJGKcQ7WXJ8Gnkdxu1HhKVK
|
| TLSH | 3F759D03B5838BA1E9280772C4EBC40003E5DEC177A7D61A755D3B923A533EBED56A87
|
PeID
.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
[Base64-Block]
RAT
zgRAT
Executable
PE (Portable Executable)
Win 32 Exe
x86
.Net Obfuscator
.Net Reactor
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
ID:0006
ID:0
ID:0007
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
[Base64-Block] (1.57 MB)
File Structure
[Base64-Block]
RAT
zgRAT
Executable
PE (Portable Executable)
Win 32 Exe
x86
.Net Obfuscator
.Net Reactor
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
ID:0006
ID:0
ID:0007
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.
You must be signed in to post a comment.