General
Target: c282162fbee56bf05d9c8953c453f874e9dbb4a73da28dbe8a489fe74d7523cd
Size: 375KB
Sample: 220812-vjjkjaffdn
MD5: f87e4ab1949e0cca97963fa33e4768b3
SHA1: 53f9ea6ef090d6d980b2360e1ce365cb7ba0aa7e
SHA256: c282162fbee56bf05d9c8953c453f874e9dbb4a73da28dbe8a489fe74d7523cd
SHA512: 62e22146ea28df86c90559c79d27f05fa3f5ab6fd64f70977eaa8817fcf054c62e9b298561d12991c16d0cb515bd81309b21656777109f270959fcee72101e84
Static task: static1
Malware Config
Targets
Gh0st RAT payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops file in System32 directory