General
Target: 68921a542f53732f88749b7ce2520fb76dbe7f44010bfcf66facc34618a8dd66
Size: 406KB
Sample: 240425-eww4dsfb24
MD5: cd0097d23862361e8c87af83bad3880b
SHA1: 8fe582ab879fedc228e3074396cdcdf0a44c9326
SHA256: 68921a542f53732f88749b7ce2520fb76dbe7f44010bfcf66facc34618a8dd66
SHA512: 724694f12886dee467509e0aa2541038755e537fbaf4517d48ec7a80a0103662f92417df00c12b63a554c66d5cab5546f12c275d38d15b0d9bc9ff566e004cb2
SSDEEP: 6144:ZAuhQxtgcHEOgazi/NtXZ8mzVoq/6Jj4M2T1sRg9ivUUfFURO6dEL4tOKrf:ZAuhQTg22NzVoPSMSsRkUfu/dELuOKrf
Static task: static1
Behavioral task: behavioral1
Sample: 68921a542f53732f88749b7ce2520fb76dbe7f44010bfcf66facc34618a8dd66.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Detect ZGRat V1
SectopRAT payload
Downloads MZ/PE file
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext