General
Target: 567c1b49fe11b07455f838eb73cba70615693d71ad22d3e2a5866ebcd2665474
Size: 396KB
Sample: 240425-2aba5afh82
MD5: 6abaf7e05250df0caf09dc24869ef4d6
SHA1: 04159ba786bd644ecdf02d761ebb07b543f1bfa4
SHA256: 567c1b49fe11b07455f838eb73cba70615693d71ad22d3e2a5866ebcd2665474
SHA512: 632afc68fbe726683d0efd8db0633f3805500cf61b4579356ac8d202be70bba213f25fe6507757ab23c489de5f53d5cdefd0b95925cd29b8588f754bd08383a7
SSDEEP: 6144:4iKdFPyXpDopFPAWs9Q9NEZRXW4XU3XRkocJoH8YOi8HLoV:lj5DqWQ9qZZWCeRTlcYOT8V
Static task
static1
Behavioral task
behavioral1
Sample
567c1b49fe11b07455f838eb73cba70615693d71ad22d3e2a5866ebcd2665474.exe
Resource
win7-20240220-en
Malware Config
Extracted
stealc
http://185.172.128.76
url_path: /3cd2b41cbde8fc9c.php
Targets
-
-
Target
567c1b49fe11b07455f838eb73cba70615693d71ad22d3e2a5866ebcd2665474
-
Detect ZGRat V1
-
Detects Arechclient2 RAT
Arechclient2.
-
SectopRAT payload
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-