General
Target: 7af139fb85fc967d6697b920bef5f45d12b79ff0f18e7f7a516b96ef1bbdc503
Size: 394KB
Sample: 240427-fyjfracf6z
MD5: 3649216b2d6ea1db856be9511ba5f777
SHA1: 331e04836bebf0360d905c0f3198c3c7353fc0c2
SHA256: 7af139fb85fc967d6697b920bef5f45d12b79ff0f18e7f7a516b96ef1bbdc503
SHA512: bbd4714e0f6abf79e1a472b63acb66037e19c5b8ee0b39497af9de1a6b39369be654f3ad4cbb1b1cf2f88f50227e8fa2848d399c5cf0d3209993555da13f3940
SSDEEP: 6144:fsJVip+l5fK53hCfPr+ICF1ggQyGiezkMza4:fszip+7K52P/+tQdq4
Static task: static1
Behavioral task: behavioral1
Sample: 7af139fb85fc967d6697b920bef5f45d12b79ff0f18e7f7a516b96ef1bbdc503.exe
Resource: win10v2004-20240419-en
Malware Config
Extracted
stealc
http://185.172.128.76
url_path: /3cd2b41cbde8fc9c.php
Targets
Target: 7af139fb85fc967d6697b920bef5f45d12b79ff0f18e7f7a516b96ef1bbdc503
Detect ZGRat V1
SectopRAT payload
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext