General
-
Target
b30991bbdb7339dad995227cd662f967cf3ec19fc5ed3f19d16bf84f74ba1019
-
Size
407KB
-
Sample
240424-ym865sgd7w
-
MD5
4cf48aca3dae4f31bee73ba424519fa1
-
SHA1
a6613b54c0d91e61e6a0807e102a9ef9076123c0
-
SHA256
b30991bbdb7339dad995227cd662f967cf3ec19fc5ed3f19d16bf84f74ba1019
-
SHA512
efcc3885998abfde1e5c519e30b91029e4fa70cd9ecdd27ef7f21144b40b73db113d5d07f6fb4ed1aa143066881afb979c5d366984d8ec1b15d787243f44d0f7
-
SSDEEP
12288:TR9O+taKgZxoUe8NtddpJ3UMpZIedELuRv:++0Px/TUaZIyELuRv
Static task
static1
Behavioral task
behavioral1
Sample
b30991bbdb7339dad995227cd662f967cf3ec19fc5ed3f19d16bf84f74ba1019.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
stealc
http://185.172.128.76
-
url_path
/3cd2b41cbde8fc9c.php
Targets
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-