General
-
Target
77735e1da724a93264a79607382ef949ba0e929e47909ee24f68389c6427cadf
-
Size
407KB
-
Sample
240424-ylsg1agd73
-
MD5
ab6027f0e210a7b4ab1877da9649fa9d
-
SHA1
0f6e64f9afc0238155011d84bfb40daf4d1edf1b
-
SHA256
77735e1da724a93264a79607382ef949ba0e929e47909ee24f68389c6427cadf
-
SHA512
25c1e18ef29708381e0cc6a08b9b8d8ba7af7857c280ff4c49e30f8ce72c78f01a6857c25496b473718d1e1b090506eecc9e2d63f1a2190c580e73aa55e50f05
-
SSDEEP
12288:TR9O+taKgZxoUe8NtddpJ3UMpZIedELuRq:++0Px/TUaZIyELuRq
Static task
static1
Behavioral task
behavioral1
Sample
77735e1da724a93264a79607382ef949ba0e929e47909ee24f68389c6427cadf.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
77735e1da724a93264a79607382ef949ba0e929e47909ee24f68389c6427cadf
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-