General
-
Target
e559e511e008889ec815ad8553e4600fd514ab2d95e3f569a8c8f04d7b086c28
-
Size
413KB
-
Sample
240424-28xa9abd65
-
MD5
20c9a9779ad33793278c82b5cf25a032
-
SHA1
096dc69c036ba3fbac9ff4194cdb72a3f563bb96
-
SHA256
e559e511e008889ec815ad8553e4600fd514ab2d95e3f569a8c8f04d7b086c28
-
SHA512
08bf8d7df847bf0ac18ce80342f4bb1ad70c03b50ef023665f4df74a4c03bbfb90ce597ce8dbcebd92150a4c5ff6ee4184505a151d045923e521ff0e4829316b
-
SSDEEP
6144:7p2VfZltnPHFzJfwrmLGlZRyLfRnXQGlOFNoHYN/XtaddEL4tOqZM:7p2VBbnPHXfGMcyOGlOrkYedELuOqZM
Static task
static1
Behavioral task
behavioral1
Sample
e559e511e008889ec815ad8553e4600fd514ab2d95e3f569a8c8f04d7b086c28.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
e559e511e008889ec815ad8553e4600fd514ab2d95e3f569a8c8f04d7b086c28
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-