General
-
Target
34d5c36d1b169ab6508408383195ad9b9a44c2fb378835789168978b369f0eeb
-
Size
6.6MB
-
Sample
240114-18ln3sdcgp
-
MD5
3bb4f254cdb132088723f53d382f4dff
-
SHA1
dd16139fb0f68956613e76a480426e0f3b7bdef7
-
SHA256
34d5c36d1b169ab6508408383195ad9b9a44c2fb378835789168978b369f0eeb
-
SHA512
4be8e8df056d30c2570758b5ccfd63bfe18010dc5b4b5d1e839b505c328540733c2beda5b4183bc580a1f96ae44c51f86c4dfd88e04fd6a99ee50d630d74b790
-
SSDEEP
98304:r4/bF/WOAhDcY58TEY11bcOok+f2pigMH6M9lDrmmDigUAnpQ:ro8hDN5fYzcOokNhMH6MTrpDK
Behavioral task
behavioral1
Sample
34d5c36d1b169ab6508408383195ad9b9a44c2fb378835789168978b369f0eeb.exe
Resource
win7-20231215-en
Malware Config
Targets
-
-
Target
34d5c36d1b169ab6508408383195ad9b9a44c2fb378835789168978b369f0eeb
-
Detect ZGRat V1
-
Detects Arechclient2 RAT
Arechclient2.
-
SectopRAT payload
-
.NET Reactor protector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Drops startup file
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-