General
-
Target
c1c1c731837678aaa5c168a11f6fb5f103eca47ee137198977e46aca08ae6d46
-
Size
406KB
-
Sample
240426-fn3fwaac2t
-
MD5
d68424b627763ea5a05c682424d60b82
-
SHA1
8647dab8df5cd9c4be3147e5d0e0db217ffb60ee
-
SHA256
c1c1c731837678aaa5c168a11f6fb5f103eca47ee137198977e46aca08ae6d46
-
SHA512
cea084a17c5d277998618c01fd3bc8ca61ff34180f0d262d56e620c0d42237991cab066a8ab9b53f6440af1e077717f52f89b5136b64928cc6a2bc934300c3af
-
SSDEEP
12288:vnCNuxzdlcGaoloHcJu4ysZCRzh8nkIrw:vCGdleCCgCRCnkIrw
Static task
static1
Behavioral task
behavioral1
Sample
c1c1c731837678aaa5c168a11f6fb5f103eca47ee137198977e46aca08ae6d46.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
c1c1c731837678aaa5c168a11f6fb5f103eca47ee137198977e46aca08ae6d46
-
Size
406KB
-
MD5
d68424b627763ea5a05c682424d60b82
-
SHA1
8647dab8df5cd9c4be3147e5d0e0db217ffb60ee
-
SHA256
c1c1c731837678aaa5c168a11f6fb5f103eca47ee137198977e46aca08ae6d46
-
SHA512
cea084a17c5d277998618c01fd3bc8ca61ff34180f0d262d56e620c0d42237991cab066a8ab9b53f6440af1e077717f52f89b5136b64928cc6a2bc934300c3af
-
SSDEEP
12288:vnCNuxzdlcGaoloHcJu4ysZCRzh8nkIrw:vCGdleCCgCRCnkIrw
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-