General
-
Target
0968642a950d9e72abd3dd209b2afdc1c2da07c581f6c4926d451cc5e44c0df7
-
Size
476KB
-
Sample
240425-a47smscd42
-
MD5
b3dc9fc52e17387fe7473779cda9fe08
-
SHA1
7717fef10e5f4e3584c1e0b5c34684e455005b70
-
SHA256
0968642a950d9e72abd3dd209b2afdc1c2da07c581f6c4926d451cc5e44c0df7
-
SHA512
0d0c16d6816708580dc697f219d70697d9e1759da5b72e019b2799d02381b5372628e3ea5e60855abd19eb76308e362341ab52ddbf08b9c707bc9e99abab0f28
-
SSDEEP
12288:tOlwyGqMW+ccQvLyBxzkLjQSDolWm6NsqwUwoECF:tYEbIuBxwQSEl4NwUworF
Static task
static1
Behavioral task
behavioral1
Sample
0968642a950d9e72abd3dd209b2afdc1c2da07c581f6c4926d451cc5e44c0df7.exe
Resource
win7-20240221-en
Malware Config
Extracted
stealc
http://185.172.128.76
-
url_path
/3cd2b41cbde8fc9c.php
Targets
-
Target
0968642a950d9e72abd3dd209b2afdc1c2da07c581f6c4926d451cc5e44c0df7
-
Detect ZGRat V1
-
Detects Arechclient2 RAT
Arechclient2.
-
SectopRAT payload
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-