General
Target: d638060a4d128d39dc41e6e9c49ae407433d69f56114b616e950449a0fa551e2
Size: 416KB
Sample: 240425-fl8j4sfh6y
MD5: b711b9e924a2afa92a03b9430125a77a
SHA1: 8d15b6fba8a69567d7c8b81ef64550683f7748ed
SHA256: d638060a4d128d39dc41e6e9c49ae407433d69f56114b616e950449a0fa551e2
SHA512: e3e118a5b476f4bc413bb19af7b59b2426aed2b07a9b934f81a0d5043c03eee452acd5b30ee66d4b55d536be4760a7b6e1f42a75003f78ce7ca799c4018fb9a2
SSDEEP: 12288:BFc5MyBQNGCCIYu7GJ9QICQfEHVmJspaq:BOdWNYIx7W90uEaq
Static task: static1
Behavioral task: behavioral1
Sample: d638060a4d128d39dc41e6e9c49ae407433d69f56114b616e950449a0fa551e2.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-