General
-
Target
edad2dcd4cf07314eb0c4e27fa9ac620f6fe6260f931e237c06178ef2c36526d
-
Size
452KB
-
Sample
240419-fd79dahc32
-
MD5
10692f2b2f300dd397e17e54af5f9518
-
SHA1
cb494a9640cf5cdf7a114d2950d60fc00871468f
-
SHA256
edad2dcd4cf07314eb0c4e27fa9ac620f6fe6260f931e237c06178ef2c36526d
-
SHA512
97594fc964ba252a469048ba8662a3a086f258bbe6340808831faf3440b4ea3b15b0c69c6a98e9a770453a11030fbe9d2c87cb6e734b51a8331df0738e358759
-
SSDEEP
12288:OYjr6I3yAhgYF24G17ITsVqpmPAUdXImV:OqM4G1ka2UmmV
Static task
static1
Behavioral task
behavioral1
Sample
edad2dcd4cf07314eb0c4e27fa9ac620f6fe6260f931e237c06178ef2c36526d.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
edad2dcd4cf07314eb0c4e27fa9ac620f6fe6260f931e237c06178ef2c36526d
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-