General
-
Target
2b996b0c447b4778b2cee50d14404b12f54a6d2698374c7159b5a5a988ac6529
-
Size
403KB
-
Sample
240425-bpn8esch3s
-
MD5
e99773e1bacf395199dbdd905ee26591
-
SHA1
eb0f46bed333bfc77537465a3f6ea1f6a163b32d
-
SHA256
2b996b0c447b4778b2cee50d14404b12f54a6d2698374c7159b5a5a988ac6529
-
SHA512
c212094c5d4486bfbae83c6f356c696bcf1cb2db044199ccfd63e9d97bb73c43f920ea9122d91a1c11821ebe02b6992f79d53d23526a602a7bb5b5d500d0b06d
-
SSDEEP
6144:R3wnORugzRRFonQZnTyESQpg/rKjWAvG17t1aWZM1iIJC/v4ZF:lwn+uERkQZT4Wg/r/B17t1aWZQ5C/wZF
Static task
static1
Behavioral task
behavioral1
Sample
2b996b0c447b4778b2cee50d14404b12f54a6d2698374c7159b5a5a988ac6529.exe
Resource
win7-20240221-en
Malware Config
Extracted
stealc
http://185.172.128.76
-
url_path
/3cd2b41cbde8fc9c.php
Targets
-
-
Target
2b996b0c447b4778b2cee50d14404b12f54a6d2698374c7159b5a5a988ac6529
-
Detect ZGRat V1
-
Detects Arechclient2 RAT
Arechclient2.
-
SectopRAT payload
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-