General
-
Target
480b540cb344d74306d03347658b2018a4b8504f4055ad15ba43456953d7b33c
-
Size
416KB
-
Sample
240425-fe63psff37
-
MD5
41de8e3e7412b6e97b60fdbfdd24b0ba
-
SHA1
fa48e5a86b5f2b04b79f6c3459339a16c2db6aaa
-
SHA256
480b540cb344d74306d03347658b2018a4b8504f4055ad15ba43456953d7b33c
-
SHA512
d25d39fcbbc59677f4090ac5422c121d45c2085bfdb16adb7f8854a365636ac7baf42f74ccb435e11b1c355c83c28d80bfb58d8495e0d5ab2f59f3987390a1d5
-
SSDEEP
12288:BFc5MyBQNGCCIYu7GJ9QICQfEHVmJspao:BOdWNYIx7W90uEao
Static task
static1
Behavioral task
behavioral1
Sample
480b540cb344d74306d03347658b2018a4b8504f4055ad15ba43456953d7b33c.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
480b540cb344d74306d03347658b2018a4b8504f4055ad15ba43456953d7b33c
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-