General
Target: a4a6f36b13b24e595d97d22205acadad91bda33e1ad608fb914a59b4b9c13ef2
Size: 944KB
Sample: 220516-t2rhesahb7
MD5: e4f4b58d13524ae7521d07274eabc0f0
SHA1: 0cb88305e8e0e8a9dea1db8025caede6f6f256bb
SHA256: a4a6f36b13b24e595d97d22205acadad91bda33e1ad608fb914a59b4b9c13ef2
SHA512: 8593105fa62843dd144a900ddb1ae9f4ffda76549f240166418c10b585e5c8df9397a0c3eef7215e1784d103c6a3ab578efd1aaf63b76852d310890d7d262b4d
Static task: static1
Behavioral task: behavioral1
Sample: a4a6f36b13b24e595d97d22205acadad91bda33e1ad608fb914a59b4b9c13ef2.exe
Resource: win7-20220414-en
Malware Config
Targets
Gh0st RAT payload
-
suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
-
XMRig Miner Payload
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Sets service image path in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops file in System32 directory
-