General
-
Target
d9e4307712fcc46dda1493255355c7f2ca1ace48eeb9c72bd75bcb09ae0c4b50
-
Size
452KB
-
Sample
240419-fklnyshd78
-
MD5
f0dc803f21c53da40a5644391519a077
-
SHA1
f7c68bbf302a2dccf81822ad665b9e61d3f46a5e
-
SHA256
d9e4307712fcc46dda1493255355c7f2ca1ace48eeb9c72bd75bcb09ae0c4b50
-
SHA512
f294b2eae3eb18fd5abf6d5aca06a61b755142824f63939b1f52dfcb6ddb78ccea4226683de8ef4cb9fc2499e4102bd994dfafa56f954d220aa77e8064175cd5
-
SSDEEP
12288:OYjr6I3yAhgYF24G17ITsVqpmPAUdXImf:OqM4G1ka2Ummf
Static task
static1
Behavioral task
behavioral1
Sample
d9e4307712fcc46dda1493255355c7f2ca1ace48eeb9c72bd75bcb09ae0c4b50.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
d9e4307712fcc46dda1493255355c7f2ca1ace48eeb9c72bd75bcb09ae0c4b50
-
Size
452KB
-
MD5
f0dc803f21c53da40a5644391519a077
-
SHA1
f7c68bbf302a2dccf81822ad665b9e61d3f46a5e
-
SHA256
d9e4307712fcc46dda1493255355c7f2ca1ace48eeb9c72bd75bcb09ae0c4b50
-
SHA512
f294b2eae3eb18fd5abf6d5aca06a61b755142824f63939b1f52dfcb6ddb78ccea4226683de8ef4cb9fc2499e4102bd994dfafa56f954d220aa77e8064175cd5
-
SSDEEP
12288:OYjr6I3yAhgYF24G17ITsVqpmPAUdXImf:OqM4G1ka2Ummf
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-