General
-
Target
83e8d48acab4e0be57905c55447c177f4db9319fc1633476063f1462b0ea21b7
-
Size
460KB
-
Sample
240419-htxhxsbd99
-
MD5
a2d3b3520a52f12311c30ffd85d35852
-
SHA1
bdee16f3c597c1d8f0ad27153f39f0a6629ecf77
-
SHA256
83e8d48acab4e0be57905c55447c177f4db9319fc1633476063f1462b0ea21b7
-
SHA512
11ab97748a2cbf9a123237a23a13be86a49109cb62e42b45c1df8aad93052ffb12a0b7c399bacde2d5055ad78aff11582aed5fd980d29e665d1151355821a6e8
-
SSDEEP
6144:KDfVZKQFzkJGWNWNK47hJGMcyvkFFV7uHf07pGi1Wp7Yuxw0Qmmf:KDfVZ1FzkAEWw47nGMcmkFFMNQkwGmf
Static task
static1
Behavioral task
behavioral1
Sample
83e8d48acab4e0be57905c55447c177f4db9319fc1633476063f1462b0ea21b7.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-