General
-
Target
0b13c8929f88d8e7190efb1d2ad9b0f3c8d4dd7cd983a9345ce96f6a1a13a3f0
-
Size
418KB
-
Sample
240427-e7p48abb29
-
MD5
ddaa6240a71a2a65f56e7bd5bfa9a18d
-
SHA1
1e90028aeee056dc079dac213bba080ca774edf2
-
SHA256
0b13c8929f88d8e7190efb1d2ad9b0f3c8d4dd7cd983a9345ce96f6a1a13a3f0
-
SHA512
106b593a22668e6c745a4eeb18571a34eebef637aa956fd9d65033976b23fb6c2d079ff6a5915455fc09dc6cd3fd312ec79faf672f0fc49de4ff6e880f651ffc
-
SSDEEP
6144:77moGeb6RptVKAv+9sWfx/eLmt6SAQeVTEu680BXs+tTbAq:77+ebCV9LWfx/zUSKVQushT8q
Static task
static1
Behavioral task
behavioral1
Sample
0b13c8929f88d8e7190efb1d2ad9b0f3c8d4dd7cd983a9345ce96f6a1a13a3f0.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
stealc
http://185.172.128.76
-
url_path
/3cd2b41cbde8fc9c.php
Targets
-
-
Target
0b13c8929f88d8e7190efb1d2ad9b0f3c8d4dd7cd983a9345ce96f6a1a13a3f0
-
Size
418KB
-
MD5
ddaa6240a71a2a65f56e7bd5bfa9a18d
-
SHA1
1e90028aeee056dc079dac213bba080ca774edf2
-
SHA256
0b13c8929f88d8e7190efb1d2ad9b0f3c8d4dd7cd983a9345ce96f6a1a13a3f0
-
SHA512
106b593a22668e6c745a4eeb18571a34eebef637aa956fd9d65033976b23fb6c2d079ff6a5915455fc09dc6cd3fd312ec79faf672f0fc49de4ff6e880f651ffc
-
SSDEEP
6144:77moGeb6RptVKAv+9sWfx/eLmt6SAQeVTEu680BXs+tTbAq:77+ebCV9LWfx/zUSKVQushT8q
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-