General
Target: 7e446910eb4487094a244ea4299e733897dff1eabe6cbf1bd3952b73bdadedc0
Size: 375KB
Sample: 220806-gvkp3sbdbn
MD5: d25703874ff5b46f76ce906d5d3f7b80
SHA1: 6c0dbe6fdfd175ec93c460627e4029bb4277b871
SHA256: 7e446910eb4487094a244ea4299e733897dff1eabe6cbf1bd3952b73bdadedc0
SHA512: c1abdbb580a231908a46e46a4e41612561aaad1b4d6b354b006d3011beba8867e6c5d45a28dae8db73d4ff87ddcda65e612ef0d8abdc4b09bc97a835cfffe79f
Static task
static1
Malware Config
Targets
Gh0st RAT payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops file in System32 directory