General
-
Target
3e570a6ae430477ac8e91f06800255944007f2e731c8de037cd95d718357919e
-
Size
413KB
-
Sample
240424-yvcsxagf75
-
MD5
461e619436f4b328d77434ccdad9e0ff
-
SHA1
bde2eb7c03b7bee0eba6f7cb4242b57e9b444357
-
SHA256
3e570a6ae430477ac8e91f06800255944007f2e731c8de037cd95d718357919e
-
SHA512
6ed8b3938cb5b2233f75c1b31cbca7c1f818d772b26640352787e9f521c949530a52855c88b41a2ce5ca12447deba265e38c69e2f850ced8a2eae0aa54d99f4f
-
SSDEEP
12288:49NL1baM8Gb2L1BZJMFiLrTSeLrkf8BIV+xdELuRaZb:kdaM8Gk1BoiLrTvkEBIVqELuRaN
Static task
static1
Behavioral task
behavioral1
Sample
3e570a6ae430477ac8e91f06800255944007f2e731c8de037cd95d718357919e.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-