General
-
Target
32f721de1d024352df19ec1dfb88806a460e31185e86ec6202ec1951115460f9
-
Size
460KB
-
Sample
240419-h3epgabf73
-
MD5
e2115200ac363d68811dbe577d85b9ed
-
SHA1
f3f4c60fdccaaaebdf3d82f15dab1ae7584a7b26
-
SHA256
32f721de1d024352df19ec1dfb88806a460e31185e86ec6202ec1951115460f9
-
SHA512
b6ba2bc3fcc5c8756c5083bcd6bcbd33938d91d6090206b6e873369c7b1cc0333937ed5233ec3071f6924bad2a4fe9a3e0d0732e3f8c15dae8c997d7df0b452a
-
SSDEEP
6144:KDfVZKQFzkJGWNWNK47hJGMcyvkFFV7uHf07pGi1Wp7Yuxw0QmmY:KDfVZ1FzkAEWw47nGMcmkFFMNQkwGmY
Static task
static1
Behavioral task
behavioral1
Sample
32f721de1d024352df19ec1dfb88806a460e31185e86ec6202ec1951115460f9.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Target
32f721de1d024352df19ec1dfb88806a460e31185e86ec6202ec1951115460f9
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-