General
-
Target
cce564eb25a80549d746c180832d0b3d45dcd4419d9454470bfd7517868d0e10
-
Size
1.2MB
-
Sample
240410-rhl3gsaf29
-
MD5
efec7686f695867bd45a4d2ccaf964d5
-
SHA1
04af410cffd8f4b7ef0270ccae11ce6e01cc4633
-
SHA256
cce564eb25a80549d746c180832d0b3d45dcd4419d9454470bfd7517868d0e10
-
SHA512
9a98a05aaaae6d6fd916f6716cf581534dd17d1bbac10ff2b0b96cb138297bdd6aaa9523600d11c3b5fe77c37df1b5b2216ac5206a8c1797c14687e222fd9ab1
-
SSDEEP
24576:ItWcpVLS2kQom+sOASY1IUwr6vkyFBebNvjV:ypdS2TDhmY66Beb5
Malware Config
Targets
-
-
Target
cce564eb25a80549d746c180832d0b3d45dcd4419d9454470bfd7517868d0e10
-
Size
1.2MB
-
MD5
efec7686f695867bd45a4d2ccaf964d5
-
SHA1
04af410cffd8f4b7ef0270ccae11ce6e01cc4633
-
SHA256
cce564eb25a80549d746c180832d0b3d45dcd4419d9454470bfd7517868d0e10
-
SHA512
9a98a05aaaae6d6fd916f6716cf581534dd17d1bbac10ff2b0b96cb138297bdd6aaa9523600d11c3b5fe77c37df1b5b2216ac5206a8c1797c14687e222fd9ab1
-
SSDEEP
24576:ItWcpVLS2kQom+sOASY1IUwr6vkyFBebNvjV:ypdS2TDhmY66Beb5
Score10/10-
Detect ZGRat V2
-
OutSteel
OutSteel is a file uploader and document stealer written in AutoIT.
-
ZGRat
ZGRat is remote access trojan written in C#.
-
Modifies file permissions
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-