General
-
Target
fe7cde83865e3066410200f855f53387ee7937808830c28557eb2d4ada57955c
-
Size
412KB
-
Sample
240425-h3xkaagg5s
-
MD5
e6a6f54fb83bc88e318198fa49a8daac
-
SHA1
9b147bc470f2fcecc4eb1bb87ee98c83e065327b
-
SHA256
fe7cde83865e3066410200f855f53387ee7937808830c28557eb2d4ada57955c
-
SHA512
6966d1f6f09b9be1b47f6fb1ef1cd74128881448ec96f065ac47c074c103c3277f982aa865e51c3b0cb96a385f1f83c9b1c739e40aac3d79582370edfdce22f2
-
SSDEEP
6144:S3vNF93i2XZW6NlsS8qNSRk73O9B0qppnH9oH6I:MNd5H7+9n7dQ6I
Static task
static1
Behavioral task
behavioral1
Sample
fe7cde83865e3066410200f855f53387ee7937808830c28557eb2d4ada57955c.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-