General
Target: 56e4460f9caf322c4bdbf55a900a89e2e68c960f9d305052b5912784b14a59ea
Size: 413KB
Sample: 240424-yt4j8sgf3t
MD5: dece996fefcab2b290082da54942bca0
SHA1: 11b6e3c3fd887964b970952fb5cb3cf10862c1be
SHA256: 56e4460f9caf322c4bdbf55a900a89e2e68c960f9d305052b5912784b14a59ea
SHA512: f77f0ee63e954e8f2f61f02b355025584a3764eacb432b593a11b2ffba51a57cc353eec29c2c2dcccdb9dc348e5c99b197d4b23ea0b6fa5a7c9e9d89e18e9fe9
SSDEEP: 12288:49NL1baM8Gb2L1BZJMFiLrTSeLrkf8BIV+xdELuRaZW:kdaM8Gk1BoiLrTvkEBIVqELuRaA
Static task: static1
Behavioral task: behavioral1
Sample: 56e4460f9caf322c4bdbf55a900a89e2e68c960f9d305052b5912784b14a59ea.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 56e4460f9caf322c4bdbf55a900a89e2e68c960f9d305052b5912784b14a59ea
- Detect ZGRat V1
- SectopRAT payload
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext