General
Target: 7e17c8b811bf378da3b841f441f7ee4cac11d541147a2345510589df41ffdb69
Size: 413KB
Sample: 240424-2911tsbd71
MD5: 788540ec70acc76196184af840f8429f
SHA1: 0a6858e5dd0c487db27cbfe359546c000c5992a3
SHA256: 7e17c8b811bf378da3b841f441f7ee4cac11d541147a2345510589df41ffdb69
SHA512: b537949f7ac9f1ba24ff9fd0f0bf975ffaaa4df09a99c22abd27459688d4f9349656d15df5eda1209ffc466588496d9f00df432b76ec111e7af9620d5559bcc4
SSDEEP: 6144:7p2VfZltnPHFzJfwrmLGlZRyLfRnXQGlOFNoHYN/XtaddEL4tOqZD:7p2VBbnPHXfGMcyOGlOrkYedELuOqZD
Static task: static1
Behavioral task: behavioral1
Sample: 7e17c8b811bf378da3b841f441f7ee4cac11d541147a2345510589df41ffdb69.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Detect ZGRat V1
SectopRAT payload
Downloads MZ/PE file
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext