General
-
Target
0e76c6256a49de400077255804df20d9ec8863bd9ee5b7b507993b41a23a8efb
-
Size
418KB
-
Sample
240427-e6fjdsbh4x
-
MD5
9c141c2f45b1fc789e7cf57bfcc33b54
-
SHA1
9c825af2ba6f41ae44bf27651f03781b26eb0d27
-
SHA256
0e76c6256a49de400077255804df20d9ec8863bd9ee5b7b507993b41a23a8efb
-
SHA512
57128983633a93e7ef4f2d1ec667dd10a6789a5dc7d8b8f11e40321730392f6f042045641c21ec3d2bcc6a5c87440197fb238fc2b51fa31b21dc6893fe2184eb
-
SSDEEP
6144:77moGeb6RptVKAv+9sWfx/eLmt6SAQeVTEu680BXs+tTbAl:77+ebCV9LWfx/zUSKVQushT8l
Static task
static1
Behavioral task
behavioral1
Sample
0e76c6256a49de400077255804df20d9ec8863bd9ee5b7b507993b41a23a8efb.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
stealc
http://185.172.128.76
-
url_path
/3cd2b41cbde8fc9c.php
Targets
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-