Overview
General
Target: e7184319f8bcc00d6e9f17542b917c537d6e21e0f068c367d360c44afd7f817e
Size: 375KB
Sample: 220806-c2bnjahehm
MD5: 94e5d015983b0f92d45fe3e42b285607
SHA1: 5ae548731a6310c2b7d7243b699d12109d4bb5ca
SHA256: e7184319f8bcc00d6e9f17542b917c537d6e21e0f068c367d360c44afd7f817e
SHA512: cff6d560a86df3aa565c46e2ff6937d3039c8f82af7689d2db9b0c31e254ef523aed4c437ed06900c0381d68b2fd9eb9cda7e5e4696c2b6b5f40702449fcb800
Static task
static1
Behavioral tasks (task: resource; sample e7184319f8bcc00d6e9f17542b917c537d6e21e0f068c367d360c44afd7f817e.exe in every task)
behavioral1: win7-20220715-en
behavioral2: win10-20220718-en
behavioral3: win10v2004-20220721-en
behavioral4: win11-20220223-en
behavioral5: android-x64-20220621-en
behavioral6: android-x64-arm64-20220621-en
behavioral7: android-x86-arm-20220621-en
behavioral8: macos-20220504-en
behavioral9: debian9-armhf-en-20211208
behavioral10: debian9-mipsbe-en-20211208
behavioral11: debian9-mipsel-en-20211208
behavioral12: ubuntu1804-amd64-en-20211208
Malware Config
Targets
Target: e7184319f8bcc00d6e9f17542b917c537d6e21e0f068c367d360c44afd7f817e
Gh0st RAT payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory