General
-
Target
f6a8b58d0d8447fa707d64edf96eb3c7eae9e3a6fc7fc882ea2f246493e9ec31
-
Size
2.9MB
-
Sample
240318-cdyhdsdf86
-
MD5
2af69129233a758c69f90af376b77f22
-
SHA1
4780be117f3d9c1943d44d16b4d78d8e771480b0
-
SHA256
f6a8b58d0d8447fa707d64edf96eb3c7eae9e3a6fc7fc882ea2f246493e9ec31
-
SHA512
b59f4d4f428aa9a3f3d7bbe4753f53a3928eb5d06a5a632a144f21fdfaf2255b19316fda3f1f4440c7d88352321ce486307de110307f4db8200f279ed643a881
-
SSDEEP
49152:mzW4BO4dQiABX3FVhgrNa7H0ZciVnzdgxMy9oaExU8iIfvswVdNeNHzy/G9ssy2:4js4dQi0X3FDgc72VnhHynxTpwDNehy8
Behavioral task
behavioral1
Sample
NEW ORDER.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
NEW ORDER.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
NEW ORDER.pif
-
Size
2.9MB
-
MD5
fdf78fc377c3344eed18f78d7bb9563e
-
SHA1
110e53a7d33151433e31e5124debc11d91aa5e4f
-
SHA256
88670303d986c2ab42c91bf120273ceb7df2754708fc871820ca084e1678f670
-
SHA512
10cadaa7d927f3ec4502ea140498d8025ce5d48b5d052e014c4a80854045da526a3ec621f421a73e6700175dbdbc6b549f8a98a833f112147bccb0394b5c3f7d
-
SSDEEP
49152:5k29QKZE+YNvZfzj8jDa9HEZUGVdljgxaG9YSy7+wiiLhKCVHtojtXcbQlG0:51aKZE+ovZf/869KVdF5GlD3ZCxtoJc6
Score
10/10
-
Detect ZGRat V1
-
PureLog Stealer payload
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-