General
-
Target
da7e46c36b67dd3e4ea7bb2218dc582f8d42cc508d0a1fa09e57e5bd5133e62c
-
Size
407KB
-
Sample
240424-yhmscagc4v
-
MD5
fec3c8b73b3b2b3a8f53f4d1b1c383fd
-
SHA1
af5476e25e235de1a1ba98deb09cf095a4e7ae6d
-
SHA256
da7e46c36b67dd3e4ea7bb2218dc582f8d42cc508d0a1fa09e57e5bd5133e62c
-
SHA512
21898216fb888fe1539b2c3220b367c07710133e6e1e275b4de013e57237f169ae118286b2136b891ef5b8ae2bbb69aca0fff63166f3da7991b0e757d6d4b87d
-
SSDEEP
12288:TR9O+taKgZxoUe8NtddpJ3UMpZIedELuRl:++0Px/TUaZIyELuRl
Static task
static1
Behavioral task
behavioral1
Sample
da7e46c36b67dd3e4ea7bb2218dc582f8d42cc508d0a1fa09e57e5bd5133e62c.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-