General
-
Target
ac3d71f46ce24bdb6a97c0997291633b171c17141d06d153b5d4424ecaa34220
-
Size
184KB
-
Sample
221003-m6w55sdbfn
-
MD5
5160af69aec4088ef0e2cc8d0d9d6850
-
SHA1
1d1cb3687c3a0473e629fc7178ad914684c647ff
-
SHA256
ac3d71f46ce24bdb6a97c0997291633b171c17141d06d153b5d4424ecaa34220
-
SHA512
b5245c7dd0c30d38693f52622e783402e8d09b50f1f2e28ec793133937320982f2fa4ee92c8413a59bc1d3e9b05becb910dbbec368c3cda9fe674ac30d55dc09
-
SSDEEP
3072:mtABk6WqKjRTmSPYYDw4nOP29jGMg+f0NLStQLdYqodDI+:GABk6WqCvBDnnOPaFf0kOLdyI
Static task
static1
Behavioral task
behavioral1
Sample
ac3d71f46ce24bdb6a97c0997291633b171c17141d06d153b5d4424ecaa34220.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
ac3d71f46ce24bdb6a97c0997291633b171c17141d06d153b5d4424ecaa34220.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
ac3d71f46ce24bdb6a97c0997291633b171c17141d06d153b5d4424ecaa34220
-
Size
184KB
-
MD5
5160af69aec4088ef0e2cc8d0d9d6850
-
SHA1
1d1cb3687c3a0473e629fc7178ad914684c647ff
-
SHA256
ac3d71f46ce24bdb6a97c0997291633b171c17141d06d153b5d4424ecaa34220
-
SHA512
b5245c7dd0c30d38693f52622e783402e8d09b50f1f2e28ec793133937320982f2fa4ee92c8413a59bc1d3e9b05becb910dbbec368c3cda9fe674ac30d55dc09
-
SSDEEP
3072:mtABk6WqKjRTmSPYYDw4nOP29jGMg+f0NLStQLdYqodDI+:GABk6WqCvBDnnOPaFf0kOLdyI
Score10/10-
Gh0st RAT payload
-
Sets DLL path for service in the registry
-
Deletes itself
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-