General
- Target: ceef57823876da46bbaf97cd3cf3c310be389f737bb55dbdb4f2305fa09594b7
- Size: 394KB
- Sample: 240427-kgdamafe4s
- MD5: 63f06615184f6df9cbde4673782a7f44
- SHA1: 143adb5ab302028d9d68f207e8c422e7d4ecbbab
- SHA256: ceef57823876da46bbaf97cd3cf3c310be389f737bb55dbdb4f2305fa09594b7
- SHA512: 272bc9cec6a6a5d3fb725dc9d57ecfb06d8c04e0035b2d4417320a82077ae73aa2048b01bf8d7672e5a06b41c40054110143574cca11656b91af8adf1bb07740
- SSDEEP: 6144:sCkJFI6R8nSacs8foP5sn/3UufI5MhBECEwXG6L9FHUGEM62K:sCeLR/acs4oY+5MhfhV9FLK
Static task: static1
Behavioral task: behavioral1
Sample: ceef57823876da46bbaf97cd3cf3c310be389f737bb55dbdb4f2305fa09594b7.exe
Resource: win10v2004-20240419-en
Malware Config
Extracted
stealc
http://185.172.128.76
- url_path: /3cd2b41cbde8fc9c.php
Targets
- Target: ceef57823876da46bbaf97cd3cf3c310be389f737bb55dbdb4f2305fa09594b7
- Detect ZGRat V1
- SectopRAT payload
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext