General
-
Target
cac072f8a68bc55b1b6536d31191725dd68cb5d60859af3456b77e2f3576897c
-
Size
413KB
-
Sample
240424-3hetysbf25
-
MD5
2d63dbeaea334cdf715103b805382f8c
-
SHA1
1c4275305ae02bede10adb44763e0e34d6cac33e
-
SHA256
cac072f8a68bc55b1b6536d31191725dd68cb5d60859af3456b77e2f3576897c
-
SHA512
6d708301b62eb0452ac15856202af0c31b0309c8ec53dfd42d041f3087d0507558f71fa17a1fe91f46a35a8011d30adb26e94d1d7827eca9de349665a7e4354f
-
SSDEEP
6144:7p2VfZltnPHFzJfwrmLGlZRyLfRnXQGlOFNoHYN/XtaddEL4tOqZ:7p2VBbnPHXfGMcyOGlOrkYedELuOqZ
Static task
static1
Behavioral task
behavioral1
Sample
cac072f8a68bc55b1b6536d31191725dd68cb5d60859af3456b77e2f3576897c.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
cac072f8a68bc55b1b6536d31191725dd68cb5d60859af3456b77e2f3576897c
-
Size
413KB
-
MD5
2d63dbeaea334cdf715103b805382f8c
-
SHA1
1c4275305ae02bede10adb44763e0e34d6cac33e
-
SHA256
cac072f8a68bc55b1b6536d31191725dd68cb5d60859af3456b77e2f3576897c
-
SHA512
6d708301b62eb0452ac15856202af0c31b0309c8ec53dfd42d041f3087d0507558f71fa17a1fe91f46a35a8011d30adb26e94d1d7827eca9de349665a7e4354f
-
SSDEEP
6144:7p2VfZltnPHFzJfwrmLGlZRyLfRnXQGlOFNoHYN/XtaddEL4tOqZ:7p2VBbnPHXfGMcyOGlOrkYedELuOqZ
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-