General
-
Target
3a23fa6aab37992ed427992c7a5760cb88ba0972c093ca2e8e30a5d412c9f7e9
-
Size
395KB
-
Sample
240425-3se8gagc85
-
MD5
e3f1203177c281c842d8b792dbc149a1
-
SHA1
96ac547ad6da9226979cc188ff7a98f71073f681
-
SHA256
3a23fa6aab37992ed427992c7a5760cb88ba0972c093ca2e8e30a5d412c9f7e9
-
SHA512
2827a461ab71fb4cfd04b91ec21c483eb336754b49024725df4b1bc4d347cc59187f8e286b6413f89185693fd49f558e0969d559fec95b2754cd3bff421dbe1b
-
SSDEEP
6144:bDT/bT/y5pUYwa0tjXZfSFZtKn+iW9c5BGIpuluXyCAmIC1rPI:bHf/KpmaKQAJ5BQsCqtxI
Static task
static1
Behavioral task
behavioral1
Sample
3a23fa6aab37992ed427992c7a5760cb88ba0972c093ca2e8e30a5d412c9f7e9.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-