General
-
Target
d34feb5a831fde3d725e1634834488ed896a7f4ac453126b6355352b2bb16c29
-
Size
395KB
-
Sample
240425-21jp7agb4v
-
MD5
4a9c0f7eb1a91c34fae8394d485141b9
-
SHA1
6c61fb83d448755dcfd9fe5113ebcd0e5d1a3173
-
SHA256
d34feb5a831fde3d725e1634834488ed896a7f4ac453126b6355352b2bb16c29
-
SHA512
c85843f23e84097517404c15c9976d9c2c229ba0647708791e8b0856f4318bc501ffc3e82decae5b6ac9f55476f2418e4e20a7bd55bd340d920e78d305635fac
-
SSDEEP
6144:wfvZZIElv79VasTMGa6tc4F4LiHOWfBmu+rbCmkLiCjj8/UXewVljd/:wPIER79VFXawc4DaDPCmAiz/UXzR/
Static task
static1
Behavioral task
behavioral1
Sample
d34feb5a831fde3d725e1634834488ed896a7f4ac453126b6355352b2bb16c29.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
d34feb5a831fde3d725e1634834488ed896a7f4ac453126b6355352b2bb16c29
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-