General
Target: 7f74f2cfd75b7d1b62eb421714c936a7431190bdfe93626185dd103a3881f124
Size: 395KB
Sample: 240425-3wk8wsgd23
MD5: 42648b762e467d64b58ec7c12a710520
SHA1: 7251da8f75f9347fbe9a0032ba119ba4a797bcb7
SHA256: 7f74f2cfd75b7d1b62eb421714c936a7431190bdfe93626185dd103a3881f124
SHA512: a1c4ffcdde1a00851e382d51cd0cf993d821cc47fbb92c93e0416b9394e8b250ed3341a41648f3624ea1e6a1790c719b674db109165332fcc562f9ebadaafa6e
SSDEEP: 6144:bDT/bT/y5pUYwa0tjXZfSFZtKn+iW9c5BGIpuluXyCAmIC1rP:bHf/KpmaKQAJ5BQsCqtx
Static task: static1
Behavioral task: behavioral1
Sample: 7f74f2cfd75b7d1b62eb421714c936a7431190bdfe93626185dd103a3881f124.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 7f74f2cfd75b7d1b62eb421714c936a7431190bdfe93626185dd103a3881f124
- SectopRAT payload
- Downloads MZ/PE file
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext