General
-
Target
6eb6705969a11547036026712c10b1677acacf574c3b117ae1cc531c6c96702c
-
Size
395KB
-
Sample
240425-3rz69agc76
-
MD5
26000a6fce2bea135826c11c5b62ab8f
-
SHA1
1f8846907205bcc086c17ce3ae1a6d994fa077d7
-
SHA256
6eb6705969a11547036026712c10b1677acacf574c3b117ae1cc531c6c96702c
-
SHA512
5d574f1095ce6d0304629a4abac052e854573bfda68267f265b7fb124b80dc9f2f22d67cbbe3d450db58680e7c8c8854c463e785f2f487c02d17bcb460efad64
-
SSDEEP
6144:bDT/bT/y5pUYwa0tjXZfSFZtKn+iW9c5BGIpuluXyCAmIC1rPK:bHf/KpmaKQAJ5BQsCqtxK
Static task
static1
Behavioral task
behavioral1
Sample
6eb6705969a11547036026712c10b1677acacf574c3b117ae1cc531c6c96702c.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-