General
-
Target
2a4463508a9e92e02ab37666bde35053ab8a0f449abdb54efa436274522578a5
-
Size
412KB
-
Sample
240425-h4qs5agg6s
-
MD5
e664e8b15d8f58886c15f2a710c458ea
-
SHA1
c15bdf45a9d58dcd5d0faac8e80cdcfc8fd8da27
-
SHA256
2a4463508a9e92e02ab37666bde35053ab8a0f449abdb54efa436274522578a5
-
SHA512
bd60c4e7c84f0bfa29036336a94491f18e3d458a606a3c4ea2e8d311ff4a0206f0b3854c1ec8a6724b74f799a9983583111cc8fe5c8247e89b9aaafcfc1ca13c
-
SSDEEP
6144:S3vNF93i2XZW6NlsS8qNSRk73O9B0qppnH9oH6P:MNd5H7+9n7dQ6P
Static task
static1
Behavioral task
behavioral1
Sample
2a4463508a9e92e02ab37666bde35053ab8a0f449abdb54efa436274522578a5.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-