General
-
Target
bdc17d6fb9d21c9bb5bcbf4d9ea8a7a9104d820a2f8745ff517c4580b397e18f
-
Size
406KB
-
Sample
240426-fxb1aaac69
-
MD5
8ed65694a3555b7240eddd1628777d4c
-
SHA1
e3d8a2c210aaa5370c7fa7fa086ac6f5b1150765
-
SHA256
bdc17d6fb9d21c9bb5bcbf4d9ea8a7a9104d820a2f8745ff517c4580b397e18f
-
SHA512
eedce00d4b8e5586519b4a205406ca3c7479a343776581b1438dc5ae2347c4741739daf8568501951d91373125d9f181964a0d9ed1cfa91c6dcfb4ec4e95aca5
-
SSDEEP
12288:vnCNuxzdlcGaoloHcJu4ysZCRzh8nkIry:vCGdleCCgCRCnkIry
Static task
static1
Behavioral task
behavioral1
Sample
bdc17d6fb9d21c9bb5bcbf4d9ea8a7a9104d820a2f8745ff517c4580b397e18f.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
bdc17d6fb9d21c9bb5bcbf4d9ea8a7a9104d820a2f8745ff517c4580b397e18f
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-