General
-
Target
a87ba1ea4d91b34a5bd332e96b2b69d1a850ce0510247429673bb72fc4f8f304.exe
-
Size
3.5MB
-
Sample
240503-ccdftscb9z
-
MD5
237c473b91af5dd9556c64012ecfc391
-
SHA1
b43db706c301f3c1acfe8f51c9364e524fd61aa5
-
SHA256
a87ba1ea4d91b34a5bd332e96b2b69d1a850ce0510247429673bb72fc4f8f304
-
SHA512
52d54b533e1aaa959384e470879215aaebed1de68d43c76399b618689b6a0a95e7e329cb84899062dccfbb828356ea61ad9b43f24884d4848271851e8a78fc72
-
SSDEEP
98304:IUnOeq/u5u5fbHFWNAyEtSJDghmoWGd8Z6:IAub4N62D6JDd06
Behavioral task
behavioral1
Sample
a87ba1ea4d91b34a5bd332e96b2b69d1a850ce0510247429673bb72fc4f8f304.exe
Resource
win7-20231129-en
Malware Config
Targets
-
Detect ZGRat V1
-
Detects executables packed with unregistered version of .NET Reactor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-