General
-
Target
c58af9384d71e33bae1d8a032d9e7b19
-
Size
4.0MB
-
Sample
240313-lmmxpaaa81
-
MD5
c58af9384d71e33bae1d8a032d9e7b19
-
SHA1
15bd308104a7b2d05ba9fd03b3a4c5410afabc56
-
SHA256
77189b22dfb8238a4837f95e3283150bca8105d618cc421cde8170644bcf878b
-
SHA512
ac80eb00dcf2aec8a56e071281030b9c3ec57460b2a2c59b8db43ce51a60465a419ed1e5f887d7e2d8b41c0aaca226244bb52e7c72cccf44f477fcdad03aa3e8
-
SSDEEP
49152:PSzzgkLJWvg/RdFy7/QhWwALywBDyVt4kWzzwskrk4NZXuMk6o9ufAXV4AK:
Static task
static1
Behavioral task
behavioral1
Sample
c58af9384d71e33bae1d8a032d9e7b19.exe
Resource
win7-20231129-en
Malware Config
Targets
-
-
Target
c58af9384d71e33bae1d8a032d9e7b19
-
Size
4.0MB
-
MD5
c58af9384d71e33bae1d8a032d9e7b19
-
SHA1
15bd308104a7b2d05ba9fd03b3a4c5410afabc56
-
SHA256
77189b22dfb8238a4837f95e3283150bca8105d618cc421cde8170644bcf878b
-
SHA512
ac80eb00dcf2aec8a56e071281030b9c3ec57460b2a2c59b8db43ce51a60465a419ed1e5f887d7e2d8b41c0aaca226244bb52e7c72cccf44f477fcdad03aa3e8
-
SSDEEP
49152:PSzzgkLJWvg/RdFy7/QhWwALywBDyVt4kWzzwskrk4NZXuMk6o9ufAXV4AK:
-
Detect ZGRat V1
-
Detects Echelon Stealer payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-