General
-
Target
0fdd48b7ab83a5aa1597a4a96de96f782131515b29b84dc7b226f54525a6aeb1
-
Size
411KB
-
Sample
240425-lt52vahe8z
-
MD5
cfa7711209f5912da9e7395c673c41f6
-
SHA1
cc59c17cca1fb84a9e50fffe02af3653d5d81941
-
SHA256
0fdd48b7ab83a5aa1597a4a96de96f782131515b29b84dc7b226f54525a6aeb1
-
SHA512
e35a1afe98c52f2f4be644e3a599cf4fbfba2eb0958654973f9acc01a83b6d1a3d3e654260179da8921674af15ee7a39628d0216beed414b78cd6c0fc4d53a9d
-
SSDEEP
6144:I+x1ShTyz9EqOq21LVVb7ZpK2FoICp+fGqhDbSe8Lbp779ZLzW6a:9xo2X2xV1ZpKJICpZqR2bdhc6a
Static task
static1
Behavioral task
behavioral1
Sample
0fdd48b7ab83a5aa1597a4a96de96f782131515b29b84dc7b226f54525a6aeb1.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral2
Sample
0fdd48b7ab83a5aa1597a4a96de96f782131515b29b84dc7b226f54525a6aeb1.exe
Resource
win11-20240412-en
Malware Config
Targets
-
-
Target
0fdd48b7ab83a5aa1597a4a96de96f782131515b29b84dc7b226f54525a6aeb1
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-