General
-
Target
8b4b5c8cb03dc8d14b4faf1f3af66c1a224d4cb440390db3ae291e2e57a05aaf
-
Size
413KB
-
Sample
240424-28nzwabd63
-
MD5
8072c219cb44ec3d8a06eef00d9114fa
-
SHA1
7859b9109a78ad153151cc5eb2840d7225fb96a4
-
SHA256
8b4b5c8cb03dc8d14b4faf1f3af66c1a224d4cb440390db3ae291e2e57a05aaf
-
SHA512
78f5b355e3081e22f489123dd36b9336e2f0555511b5f6a9a5f1fcb702e4ad6872de4c059006f6e454707da51b42c3e82961c3b1d6b7b59594620d4c86d593e6
-
SSDEEP
6144:7p2VfZltnPHFzJfwrmLGlZRyLfRnXQGlOFNoHYN/XtaddEL4tOqZJ:7p2VBbnPHXfGMcyOGlOrkYedELuOqZJ
Static task
static1
Behavioral task
behavioral1
Sample
8b4b5c8cb03dc8d14b4faf1f3af66c1a224d4cb440390db3ae291e2e57a05aaf.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
8b4b5c8cb03dc8d14b4faf1f3af66c1a224d4cb440390db3ae291e2e57a05aaf
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-