General
-
Target
6db08506cc36a923f0fdd800047102f398db3dbabec34e31615ee09660bad167
-
Size
395KB
-
Sample
240426-akrx3sgd4v
-
MD5
6ce1c1803dc116ca7cf5a35622180d7c
-
SHA1
2b1e323b2551ad0aa6182255d324acd327b107b2
-
SHA256
6db08506cc36a923f0fdd800047102f398db3dbabec34e31615ee09660bad167
-
SHA512
6c04e87b7e993f516de6c9752554c4e481282dbd7a99fb854a65842e17e06c636162e3e44bd2582562581f8740b5693a208aa45dd3c330aeb1e66710a59f4551
-
SSDEEP
6144:P29OmUzW8qsGKCjyUeQ3KSJJHr1kWhr12uKej6RCM+8RPI:P2R67JCeU13K8JH1ZFKej/81I
Static task
static1
Behavioral task
behavioral1
Sample
6db08506cc36a923f0fdd800047102f398db3dbabec34e31615ee09660bad167.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-