General
-
Target
594c30dee9f7acb7cbac72ef005dd2bd0b5138d33f60722bb0ead648b6303cd6
-
Size
460KB
-
Sample
240419-hszlwscc8z
-
MD5
a5840ec00269eaf40d943a28948ff117
-
SHA1
d6cb3a6e4fce6ca5555a9d91e09a1e962be92d18
-
SHA256
594c30dee9f7acb7cbac72ef005dd2bd0b5138d33f60722bb0ead648b6303cd6
-
SHA512
da5892e7f25819446c5ac3541aaca40e55cc224e2d0801063f664ef078e7294aaa232753a8379c9a8991d8b04b9b42b14651bb06de0dd8287c9cec9060cef9d2
-
SSDEEP
6144:KDfVZKQFzkJGWNWNK47hJGMcyvkFFV7uHf07pGi1Wp7Yuxw0QmmV:KDfVZ1FzkAEWw47nGMcmkFFMNQkwGmV
Static task
static1
Behavioral task
behavioral1
Sample
594c30dee9f7acb7cbac72ef005dd2bd0b5138d33f60722bb0ead648b6303cd6.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-