Analysis
max time kernel: 140s
max time network: 120s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 25-07-2024 01:02
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
LisectAVT_2403002B_191.exe
Resource
win7-20240708-en
2 signatures
150 seconds
General
Target: LisectAVT_2403002B_191.exe
Size: 767KB
MD5: e5abfd692dfbe2e054b12d6c8758bd4a
SHA1: 18a4b6f44fce7c7fb68a953d3044f2b5a61108ab
SHA256: a8fb63a86d620269b9e8179351f3c85d74b5c526cc4fc4ded6fcd3a1977ec936
SHA512: e1d5a2ee4b0768961c21c1d917bcbff36a01b7b93d9b39d2200a94799679876164428548c8ba1611bbc64411aa516d64d8efcebd4d4b86ba513763e1bc73e41c
SSDEEP: 12288:Re1caCQXzPHUjF6eV7vbCfzYUjWuZwhG+BDMzwl:ReGQDP0j8Q7TCL2uZZUDMz
Malware Config
Signatures
Detects HZRAT backdoor (4 IoCs)
Processes:
resource                                                                          yara_rule
behavioral1/memory/1504-1-0x0000000000400000-0x00000000004B9000-memory.dmp    family_hzrat
behavioral1/memory/1504-2-0x0000000000400000-0x00000000004B9000-memory.dmp    family_hzrat
behavioral1/memory/1504-4-0x0000000000400000-0x00000000004B9000-memory.dmp    family_hzrat
behavioral1/memory/1504-6-0x0000000000400000-0x00000000004B9000-memory.dmp    family_hzrat