General
Target: 3f7255d2ecd3df5f1ff5a525b7bf4870eb9d61565f6e952d75fa26ed4a45c3a4
Size: 413KB
Sample: 240424-ys4tlsge9t
MD5: b51fae93296cc9663535af54ca4071b7
SHA1: e84388e006a20c49e8c7ae4aa3a6db68403bd20e
SHA256: 3f7255d2ecd3df5f1ff5a525b7bf4870eb9d61565f6e952d75fa26ed4a45c3a4
SHA512: e4693816f2c4ce53253f69d3b39900dd9066753cbf48c45d362c68a28ed0b89e6ffbe0a6c4259e7c0f6f4d7f8aa4ebbc22451c2be11a2263315b86a521947fe6
SSDEEP: 12288:49NL1baM8Gb2L1BZJMFiLrTSeLrkf8BIV+xdELuRaZU:kdaM8Gk1BoiLrTvkEBIVqELuRaC
Static task: static1
Behavioral task: behavioral1
Sample: 3f7255d2ecd3df5f1ff5a525b7bf4870eb9d61565f6e952d75fa26ed4a45c3a4.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-