Analysis
max time kernel: 112s
max time network: 118s
platform: windows10-2004_x64
resource: win10v2004-20240226-en
resource tags: arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system
submitted: 24-03-2024 13:36
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
TS-240324-UF1.exe
Resource
win7-20240221-en
2 signatures
120 seconds
General
Target: TS-240324-UF1.exe
Size: 767KB
MD5: 204c99c8e5e0efe3fdaeef2303a149d9
SHA1: ed82b3def58376098bace5f3b96ee84713e4d0e6
SHA256: 097c3ef9cd6d5d32862622110a2fdb79dbc6f78b4a949a00bcbaf806eee34f36
SHA512: f9e48584c3f3aa1374067ea3d8b71ac38616a564c627194918e74e94facdf853b8fc85bab9405b7d926f5cbe49c43a1de4e132fd54981f939e60a0ab50a8bb2a
SSDEEP: 12288:Re1caCQXzPHUjF6eV7vbCfzYUjWuZwhG+BDMzwlt:ReGQDP0j8Q7TCL2uZZUDMzK
Malware Config
Signatures
Detects HZRAT backdoor (4 IoCs)
Processes:
resource    yara_rule
behavioral2/memory/4764-0-0x0000000000400000-0x00000000004B9000-memory.dmp    family_hzrat
behavioral2/memory/4764-1-0x0000000000400000-0x00000000004B9000-memory.dmp    family_hzrat
behavioral2/memory/4764-2-0x0000000000400000-0x00000000004B9000-memory.dmp    family_hzrat
behavioral2/memory/4764-5-0x0000000000400000-0x00000000004B9000-memory.dmp    family_hzrat