Malicious
Malicious

[Base64-Block]

PE Executable
|
MD5: c3b65f1cfb94b2bf0d7a1174e17fb287
|
Size: 1.57 MB
|
application/x-msdownload
RAT
zgRAT
Executable
PE (Portable Executable)
Win 32 Exe
x86
.Net Obfuscator
.Net Reactor
Print
General
Structural Analysis
Config.0
Yara Rules6
Sync
Insights
Community
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
c3b65f1cfb94b2bf0d7a1174e17fb287
Sha1
957c99d82c353ac236fff663069d9f1526dcf91a
Sha256
a996820cb822991e67157df2cf3c506845937de58e31eef0daa8c116e0e61e9d
Sha384
6201983c8d21f8b49b82c6bccd1f28a93ffb0ecd2fb4263e3949045190fbc0a29b17d2abf565a844ad9c4e928935141a
Sha512
1c1910d8502c23647753aeca07e142135fd0250ce8814813984d96bcc5c97b563e15a0bcf5262d2ab9875e0e5b0f3664b9940039b712ead9abb2ac37daba4a74
SSDeep
24576:Fjs7+F5pGKcQW7WT5wrQ8dNB88gXO3XwqTIdISjyIapHlz/WzVK:FJGKcQ7WXJ8Gnkdxu1HhKVK
TLSH
3F759D03B5838BA1E9280772C4EBC40003E5DEC177A7D61A755D3B923A533EBED56A87

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
[Base64-Block]
RAT
zgRAT
Executable
PE (Portable Executable)
Win 32 Exe
x86
.Net Obfuscator
.Net Reactor
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
ID:0006
ID:0
ID:0007
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
[Base64-Block] (1.57 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙