General
-
Target
187d21a071e668c2c1ed3a47dc1dbe7df33d83d5f68f9f68afc291cf5729992b
-
Size
395KB
-
Sample
240425-3t9hpsgc99
-
MD5
a808d65d14f8acf0ac6ff3d635540d52
-
SHA1
f3171f961f8e6fcb5959877987dd20359cdddf67
-
SHA256
187d21a071e668c2c1ed3a47dc1dbe7df33d83d5f68f9f68afc291cf5729992b
-
SHA512
9713691fb979166e088114e71e8b490cba26e39683a5e2aac7277f2ef544e54b743c235dbfb680c36b111d1610b6a4fbcebc1575b240a485e486f6c9ccb30b39
-
SSDEEP
6144:bDT/bT/y5pUYwa0tjXZfSFZtKn+iW9c5BGIpuluXyCAmIC1rPF:bHf/KpmaKQAJ5BQsCqtxF
Static task
static1
Behavioral task
behavioral1
Sample
187d21a071e668c2c1ed3a47dc1dbe7df33d83d5f68f9f68afc291cf5729992b.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
187d21a071e668c2c1ed3a47dc1dbe7df33d83d5f68f9f68afc291cf5729992b
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-