General
-
Target
cc9683dd62a0b9255a43b8c92e719fb85e29fb5c03c99124292beb426d2b0944
-
Size
405KB
-
Sample
240426-jzsycscd49
-
MD5
e46032c4823fc0d1e9cb05331f25bbbf
-
SHA1
c9f5fc908981d231bd4d11170a195fea8a7d3cd6
-
SHA256
cc9683dd62a0b9255a43b8c92e719fb85e29fb5c03c99124292beb426d2b0944
-
SHA512
2972b6fae903712622e0dd065bbe4e4e1f240ef642f3ca5ef7300708c1fddc805ae8700def68367eb85b82e0d801ceea9d5ce96b5ce8cfd032d6a81e00796b66
-
SSDEEP
12288:hOatvTLg/5HI+WnM93ss5WAlYjGJqMh8nbwr9:hjM5HsnMNmtSchnbwr9
Static task
static1
Behavioral task
behavioral1
Sample
cc9683dd62a0b9255a43b8c92e719fb85e29fb5c03c99124292beb426d2b0944.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
stealc
http://185.172.128.76
-
url_path
/3cd2b41cbde8fc9c.php
Targets
-
-
Target
cc9683dd62a0b9255a43b8c92e719fb85e29fb5c03c99124292beb426d2b0944
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-