General
-
Target
b490cb2051120fae80af8e0474f240c0
-
Size
2.1MB
-
Sample
240305-nbajbsdd3z
-
MD5
b490cb2051120fae80af8e0474f240c0
-
SHA1
86fa25338ff3a67671290f5736e5bee3aaf08f4d
-
SHA256
870529ce8a6938063220619a4635b6bde6bf9bc18cc735a0157bc4ea24187ac4
-
SHA512
2e99eedcbcefc2283eee86aff1d6b857da733b2f367a584707ae71fb67d2bd955a908e50f34b779264f914d99bf10db3f8c834dabce567aa3afedbac0ca79ff2
-
SSDEEP
49152:fx5QnyEOfVjjLKIeVs7scsucYOAlIecXuozwoPER0qKH94HG/x8h:frQnyEyVheVs77sucYOaIeStTPE5KH94
Static task
static1
Behavioral task
behavioral1
Sample
b490cb2051120fae80af8e0474f240c0.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b490cb2051120fae80af8e0474f240c0.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
bitrat
1.38
con.microgent.ru:6992
-
communication_password
760d1a76fde860fea97ca75974d2a4d1
-
tor_process
tor
Targets
-
-
Target
b490cb2051120fae80af8e0474f240c0
-
Size
2.1MB
-
MD5
b490cb2051120fae80af8e0474f240c0
-
SHA1
86fa25338ff3a67671290f5736e5bee3aaf08f4d
-
SHA256
870529ce8a6938063220619a4635b6bde6bf9bc18cc735a0157bc4ea24187ac4
-
SHA512
2e99eedcbcefc2283eee86aff1d6b857da733b2f367a584707ae71fb67d2bd955a908e50f34b779264f914d99bf10db3f8c834dabce567aa3afedbac0ca79ff2
-
SSDEEP
49152:fx5QnyEOfVjjLKIeVs7scsucYOAlIecXuozwoPER0qKH94HG/x8h:frQnyEyVheVs77sucYOaIeStTPE5KH94
Score10/10-
Detect ZGRat V1
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-