General
Target: a6473b60456133112f36c7572fa9315b2a1f1b44270468dcda76cc31b293d81d
Size: 407KB
Sample: 240424-ykwg9sgd54
MD5: 4cc8887c065177a5f2555e9d725e69d9
SHA1: f7938833f2a3a2cb7bb63d146c8de1680bc765f5
SHA256: a6473b60456133112f36c7572fa9315b2a1f1b44270468dcda76cc31b293d81d
SHA512: 5a6c4e8cee2d33f9db40e76c28a9ccaaf652391d5c0e033ad5a68f35f9cf151d2d7d97b466acc4b663ca2145b44396a151c7bbd3d412165a2f19a6f302c20d9f
SSDEEP: 12288:TR9O+taKgZxoUe8NtddpJ3UMpZIedELuR:++0Px/TUaZIyELuR
Static task: static1
Behavioral task: behavioral1
Sample: a6473b60456133112f36c7572fa9315b2a1f1b44270468dcda76cc31b293d81d.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
SectopRAT payload
Downloads MZ/PE file
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext