General
-
Target
04bf38fcee8a6fbf7e7d99d45028f9b31b20b1a69ba1f2ec32572969312e0e45
-
Size
405KB
-
Sample
240426-jvy9kscc52
-
MD5
d82caa9c7e47ea53cd4cd3e7b2bf1523
-
SHA1
3a19506a124082ef602285ed6c33e38ead32dfe2
-
SHA256
04bf38fcee8a6fbf7e7d99d45028f9b31b20b1a69ba1f2ec32572969312e0e45
-
SHA512
e13d2a797e2662168df9d6a85168f537f1f3b138ab7dd8f39476013266c11b7a6300c124502de723f0219cd05ea39cc7b22f67743d5243f011ac487b0767a21f
-
SSDEEP
12288:hOatvTLg/5HI+WnM93ss5WAlYjGJqMh8nbwr:hjM5HsnMNmtSchnbwr
Static task
static1
Behavioral task
behavioral1
Sample
04bf38fcee8a6fbf7e7d99d45028f9b31b20b1a69ba1f2ec32572969312e0e45.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-