General
-
Target
5c2ec0240ddeeac7c6678ced3b601488e296ded87aa412bb787262601e7e1165
-
Size
405KB
-
Sample
240424-3trmwsbg7z
-
MD5
e9f8aadc4e55d4836a1238d7a54c2c47
-
SHA1
400c0792d9a116b4a7fea248cce242d6178c8a94
-
SHA256
5c2ec0240ddeeac7c6678ced3b601488e296ded87aa412bb787262601e7e1165
-
SHA512
6e185f5f80260afb1560478ccb263a427de9e768bc6552f972cb503447ff42bfa9bc2508d9218408b0b157dbb86b9a01baef2bb2eb0be87a966d1529e123b8a4
-
SSDEEP
6144:6lvgNss1kOj6Ljn7bgDKzgH3SYfmwdG2mFdEL4tOJDsL:6lvgmaeH4KzgXxfFGDdELuOJDsL
Static task
static1
Behavioral task
behavioral1
Sample
5c2ec0240ddeeac7c6678ced3b601488e296ded87aa412bb787262601e7e1165.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Target
5c2ec0240ddeeac7c6678ced3b601488e296ded87aa412bb787262601e7e1165
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-