General
Target: ALCALAPINTA2024DOCPDF03050001.UUE
Size: 630KB
Sample: 240312-2x153adc21
MD5: d881f0de35ebf87aa3e1f1906bb80941
SHA1: 95376ad3fa1db8499d57281e73f21ab3b3d794eb
SHA256: 8594c6c25548b43de6f964b373a7b51311a08d2956df2f1371b09324c9500ba6
SHA512: 3da242f49860c6b45289ce4356ad783370497ca96bbc3c83586bcfcc90e82a71f9f2875d415ed85e008d313eb46b1b5382396bfbbbbc37096d909737e9378a25
SSDEEP: 12288:ZtY9ECk1EyiFhQGsCZTrVBh8qp6madD0V3wEEjGAhO+Q9aSy9:f0Idiv5HWqomSUAJjgaSW
Static task: static1
Behavioral task: behavioral1
Sample: ALCALAPINTA2024DOCPDF03050001.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: ALCALAPINTA2024DOCPDF03050001.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
asyncrat
0.5.7B
TRIPLEAAA
aobertoferndomip.con-ip.com:4041
Cookies
delay: 3
install: false
install_file: winu32.exe
install_folder: %AppData%
Targets
Target: ALCALAPINTA2024DOCPDF03050001.exe
Size: 923KB
MD5: e075f42de7cf53e6e9fba534d7f0584e
SHA1: 94a71b9f70b2c56aa4a6251846956ce74586a9f8
SHA256: 80c4b5657c8f3dda5648415d86b839fd5b3074785124d325435cf002d5fa8e60
SHA512: 142d728e08082249eef646ae77b80d7e60fcdd652496dcaa3deacbc1ab45f018952348613374180cb7b820af3de4a0b6ae7958bff87cb79b3cc6dec2cc812307
SSDEEP: 24576:/gevJE3vbztaVeCIjDEe0D3zy6/BA/Tqz:/NE3vbztaeCeD8Dy6uqz
Score: 10/10
Detect ZGRat V1
Adds Run key to start application
Suspicious use of SetThreadContext