General

  • Target

    dcb623cc7f3f21e92e4878c82ce79582fdf6ba1e5e0c76f19097d1496e6c4b08.exe

  • Size

    481KB

  • Sample

    240317-cqyc6acb99

  • MD5

    3a44104fb5d035d1cd725732e94a5e8d

  • SHA1

    cb3f89df88e1468bca9d5ca01d22588791884ecb

  • SHA256

    dcb623cc7f3f21e92e4878c82ce79582fdf6ba1e5e0c76f19097d1496e6c4b08

  • SHA512

    eebe4acc924ef0284d7303ae581d29e67f1f2c23042b3a42e37b3bccedc28d10e3370a4221a95dd07c6d930d5bfae606de3a954f625f13a0eedc2eca8921acc1

  • SSDEEP

    6144:5rtQDr7b6OdSo1qwmHR91YiOU35YyaLPTTNMGL2w9BBfdN3MVqRw6aPMGGmG1H:5JQDr2oE1YpUCycTNbJBJ3MB2

Targets

    • Target

      dcb623cc7f3f21e92e4878c82ce79582fdf6ba1e5e0c76f19097d1496e6c4b08.exe

    • Detect ZGRat V1

    • PureLog Stealer

      PureLog Stealer is an infostealer written in C#.

    • PureLog Stealer payload

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
