General
Target: b52127782111e0aa63dee376335dc0d0509dc53c670e737716b75032ad7be246
Size: 395KB
Sample: 240425-2zqr4sgb3y
MD5: b6b9e61a2da28112ba48c1467de77dbd
SHA1: cba33108fb41f82667d311cfb3ccb98f73959f35
SHA256: b52127782111e0aa63dee376335dc0d0509dc53c670e737716b75032ad7be246
SHA512: c85e0c2168296a2413b136eccb271d6729277758fe0acffa74cd5f8b178fd3b92e50a33e42bf085bf8d4744eed3f82ed9041ea2c92b83b2634103b235d2ec7d0
SSDEEP: 6144:wfvZZIElv79VasTMGa6tc4F4LiHOWfBmu+rbCmkLiCjj8/UXewVljd:wPIER79VFXawc4DaDPCmAiz/UXzR
Static task: static1
Behavioral task: behavioral1
Sample: b52127782111e0aa63dee376335dc0d0509dc53c670e737716b75032ad7be246.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
SectopRAT payload
Downloads MZ/PE file
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext