General
Target: setupc-09-04
Size: 9KB
Sample: 240307-qwe1nade2z
MD5: 5fef01686ebe5167e611274f4188f8be
SHA1: 92978588fb24129441f2d58e2d49178145c6ff5a
SHA256: ec334bbe7790d4f023bc99f7af097403ef271220db711f54e2503d03dd3ffb44
SHA512: 0c862f9ea455bfaeb00c37502e7b5eb0ccf4378b49481af6cda9856120f07a6e14cd22eea44d6f062a43b00ce44663688d0086f711a78fc8843e066df2f6fcc5
SSDEEP: 96:wsuWzhAVrbtmqTVrxOfjmZ/pEm0gbfH1jPJjeIJumKF95RZjieojwXZkSqPbJ:htEe7m5pdTH1TJjeeu1hkrZ
Static task: static1
Malware Config
Targets
Target: setupc-09-04
- Detect ZGRat V1
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system (looks up Uninstall key entries in the registry to enumerate software on the system)
- Suspicious use of SetThreadContext
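Two of the items above can be checked locally by a responder: whether a file on hand is the sample the report describes (hash matching against the indicators listed under General), and whether a registry trace shows the Uninstall-key enumeration behind "Checks installed software on the system". The following Python is an added example, not code from the sandbox report or from any tool it names. The hash values are copied from the report; the registry-access records are constructed here to resemble what a sandbox or EDR might log, and their shape (`pid`, `op`, `key`) is an assumption of this example. SSDEEP is carried as data only, since fuzzy comparison needs the third-party `ssdeep` module.

```python
# Added example for this report: exact-hash IOC matching plus a detector for
# reads under the Windows Uninstall key. Not part of the original report.
import hashlib
import re
from typing import Dict, Iterable, List

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Indicators copied from the report's General section (sample 240307-qwe1nade2z).
SAMPLE_IOCS: Dict[str, str] = {
    "md5": "5fef01686ebe5167e611274f4188f8be",
    "sha1": "92978588fb24129441f2d58e2d49178145c6ff5a",
    "sha256": "ec334bbe7790d4f023bc99f7af097403ef271220db711f54e2503d03dd3ffb44",
    "sha512": "0c862f9ea455bfaeb00c37502e7b5eb0ccf4378b49481af6cda9856120f07a6e"
              "14cd22eea44d6f062a43b00ce44663688d0086f711a78fc8843e066df2f6fcc5",
}
# Fuzzy hash from the report; comparing it requires the ssdeep module (not used here).
SAMPLE_SSDEEP = ("96:wsuWzhAVrbtmqTVrxOfjmZ/pEm0gbfH1jPJjeIJumKF95RZjieojwXZkSqPbJ:"
                 "htEe7m5pdTH1TJjeeu1hkrZ")


def digests(data: bytes) -> Dict[str, str]:
    """Lowercase hex digests of in-memory bytes for the four listed algorithms."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def hash_file(path: str) -> Dict[str, str]:
    """Same as digests() but streams a file in 1 MiB chunks through all four hashers."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matching_algorithms(computed: Dict[str, str],
                        iocs: Dict[str, str] = SAMPLE_IOCS) -> List[str]:
    """Names of the algorithms under which `computed` equals the indicator set.

    The genuine sample matches on all four. A partial match (for example md5
    only) means a collision or a transcription error in the indicator list and
    should not be treated as a confirmed identification.
    """
    return [name for name, value in iocs.items()
            if computed.get(name, "").lower() == value.lower()]


# "Checks installed software" fires on access to Uninstall key entries. The
# pattern accepts any hive prefix and the WOW6432Node variant of the key.
UNINSTALL_KEY_RE = re.compile(
    r"\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(?:\\|$)",
    re.IGNORECASE,
)


def flag_uninstall_enumeration(records: Iterable[dict]) -> List[dict]:
    """Return the registry-access records whose key path lies under an Uninstall key."""
    return [r for r in records if UNINSTALL_KEY_RE.search(r.get("key", ""))]


# Constructed records (not from the report) in an assumed sandbox/EDR shape.
CONSTRUCTED_RECORDS = [
    {"pid": 4120, "op": "RegOpenKey",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"pid": 4120, "op": "RegEnumKey",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"},
    {"pid": 4120, "op": "RegOpenKey",
     "key": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"pid": 4120, "op": "RegQueryValue",
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"},
    {"pid": 812, "op": "RegOpenKey",
     "key": r"HKLM\SYSTEM\CurrentControlSet\Services\Tcpip"},
]


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        hits = matching_algorithms(hash_file(sys.argv[1]))
        print(f"{sys.argv[1]}: matches report indicators on {hits or 'none'}")
    for rec in flag_uninstall_enumeration(CONSTRUCTED_RECORDS):
        print(f"pid {rec['pid']} {rec['op']} {rec['key']}")
```

Run it with a file path to compare that file against the report's hashes; with no argument it only exercises the registry detector on the constructed records, where the three Uninstall-key accesses by pid 4120 are flagged and the Run-key and Tcpip accesses are not. Treating all four digests together guards against acting on a single-algorithm match.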