General
-
Target
217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92e
-
Size
2.1MB
-
Sample
240319-xfehhscd2w
-
MD5
1a917a85dcbb1d3df5f4dd02e3a62873
-
SHA1
567f528fec8e7a4787f8c253446d8f1b620dc9d6
-
SHA256
217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92e
-
SHA512
341acbd43efac1718c7f3e3795549acf29237a2675bdadcb7e52ce18aac6dcc6ae628e1b6edfa2338ed6d9923c148cb4322c75fad86d5c0e6f2327c2270563ec
-
SSDEEP
49152:/WlrvpDXJLRxe123BMGwxB19y0IEjaV/EC5O7pD:/apzJy1kMxt2R/ET
Static task
static1
Behavioral task
behavioral1
Sample
217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92e.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92e.exe
Resource
win11-20240221-en
Malware Config
Targets
Target
217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92e
Score
10/10
-
Detect ZGRat V1
-
PureLog Stealer payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-