General
-
Target
b5cce2357dcac650b6551dc01a7c7f77f566843e49b134680fe30570bac2a8d5
-
Size
416KB
-
Sample
240425-ffl4xsfg51
-
MD5
af7be782fc154051c153e88fb3c9fb76
-
SHA1
d539a70511a1cf0117a198c148f8b467e013397a
-
SHA256
b5cce2357dcac650b6551dc01a7c7f77f566843e49b134680fe30570bac2a8d5
-
SHA512
e3fa8adbe9aa41245143900cc0306b25396cfa01aef9b5ad51d4ab5a786a99307a57ed2eb6a1b51ad6143f6471a338dc34c434a2e1e230bd4b6a8c375af8fbe7
-
SSDEEP
12288:BFc5MyBQNGCCIYu7GJ9QICQfEHVmJspav:BOdWNYIx7W90uEav
Static task
static1
Behavioral task
behavioral1
Sample
b5cce2357dcac650b6551dc01a7c7f77f566843e49b134680fe30570bac2a8d5.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-