General
Target: e7184319f8bcc00d6e9f17542b917c537d6e21e0f068c367d360c44afd7f817e
Size: 375KB
Sample: 220806-cx9prscac3
MD5: 94e5d015983b0f92d45fe3e42b285607
SHA1: 5ae548731a6310c2b7d7243b699d12109d4bb5ca
SHA256: e7184319f8bcc00d6e9f17542b917c537d6e21e0f068c367d360c44afd7f817e
SHA512: cff6d560a86df3aa565c46e2ff6937d3039c8f82af7689d2db9b0c31e254ef523aed4c437ed06900c0381d68b2fd9eb9cda7e5e4696c2b6b5f40702449fcb800
Static task
static1
Malware Config
Targets
Gh0st RAT payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops file in System32 directory