General
-
Target
27bdccfa15fe8ca83abbc85d06bca0e4061b51b46dbc34d8a8a13741bea4ccf6
-
Size
395KB
-
Sample
240425-2y6ryagb45
-
MD5
95b565b4f9f6fdabea41ac21fe8f048e
-
SHA1
248b627d7ad7d75e57f82fa3892b021add6f43ae
-
SHA256
27bdccfa15fe8ca83abbc85d06bca0e4061b51b46dbc34d8a8a13741bea4ccf6
-
SHA512
5a4c53d3f8ccf1ca58f0b90e29197a2e9f9256a6c21f31de553dd5e5cd6afde7994613bc94d917c21a82ceb312f9b2bc1433b25494fa2e895b73386f55b813b9
-
SSDEEP
6144:wfvZZIElv79VasTMGa6tc4F4LiHOWfBmu+rbCmkLiCjj8/UXewVljd6:wPIER79VFXawc4DaDPCmAiz/UXzR6
Static task
static1
Behavioral task
behavioral1
Sample
27bdccfa15fe8ca83abbc85d06bca0e4061b51b46dbc34d8a8a13741bea4ccf6.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
27bdccfa15fe8ca83abbc85d06bca0e4061b51b46dbc34d8a8a13741bea4ccf6
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-