General
Target: 3582786dea00efb49bc3c0d0b78126924b4f7e93c7291295924772f995192924
Size: 375KB
Sample: 220806-hnmrjabgcm
MD5: dd75dc677619c805a18b99c041b35c45
SHA1: 47f79998650a4ed25185ebd06b27097a7a143e4e
SHA256: 3582786dea00efb49bc3c0d0b78126924b4f7e93c7291295924772f995192924
SHA512: 0600559a27a445e7fca7a0195e6c78659059177485239450db3eb7036c45f44f72813a3a2c80d47b43f22226ccb730e57c18d49cf1e87677e66b4cd728c05106
Static task
static1
Malware Config
Targets
Target: 3582786dea00efb49bc3c0d0b78126924b4f7e93c7291295924772f995192924
Gh0st RAT payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops file in System32 directory