General
-
Target
60221f0af44c01f7425fbfc631667f7ebdc3bf6ce4f3fbdea239706d9d26e1a8
-
Size
405KB
-
Sample
240426-j2tbxacd4z
-
MD5
6a518e457ce2170480d1b42bbaa89244
-
SHA1
835ecd6de02f358c071cfa196db207498be0d4af
-
SHA256
60221f0af44c01f7425fbfc631667f7ebdc3bf6ce4f3fbdea239706d9d26e1a8
-
SHA512
b293684a1a7cdf80f095feab22fb9a7818430ee8da56bb0655ba38c1fac884cf198f654aa6e93cffeda92d1a6a51dfa26efa0aa9b1d1215ffb011c728c6c8042
-
SSDEEP
12288:hOatvTLg/5HI+WnM93ss5WAlYjGJqMh8nbwr6:hjM5HsnMNmtSchnbwr6
Static task
static1
Behavioral task
behavioral1
Sample
60221f0af44c01f7425fbfc631667f7ebdc3bf6ce4f3fbdea239706d9d26e1a8.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-