General

Target: d15e9213de12bd59d8c28d96e76b73d8c5c3eda4aade9028fc9c1e28a7dccc32
Size: 411KB
Sample: 240425-lwzb3she91
MD5: 7ceccb5c47e2fc2dd9b2fdad41c16935
SHA1: 0ba4733ca7f1a529eb99245ad349aab597013e36
SHA256: d15e9213de12bd59d8c28d96e76b73d8c5c3eda4aade9028fc9c1e28a7dccc32
SHA512: c5d507aecf1c0eb339bd36d9562aa3bb8405bf08131a5e60b8befecf09f8d71af46394140c690e72fd220d91d66655eebb4c50b6d0c72a5dd9c348081cb17e7a
SSDEEP: 6144:I+x1ShTyz9EqOq21LVVb7ZpK2FoICp+fGqhDbSe8Lbp779ZLzW6V:9xo2X2xV1ZpKJICpZqR2bdhc6V

Static task: static1
Behavioral task: behavioral1
Sample: d15e9213de12bd59d8c28d96e76b73d8c5c3eda4aade9028fc9c1e28a7dccc32.exe
Resource: win10v2004-20240412-en

Malware Config

Targets

- Detect ZGRat V1
- SectopRAT payload
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext