General
-
Target
4f5a8b7ca30c757f4cfcbd338d79dd06ebb6db62451845d7b53f38c54ad7da7a.msi
-
Size
13.7MB
-
Sample
221007-h5mg4abha2
-
MD5
afb73daab97a1a8fb156ed34715a01ca
-
SHA1
ecb0ea164d1d1ceea4a0fb0d06f61345f4a65ac3
-
SHA256
4f5a8b7ca30c757f4cfcbd338d79dd06ebb6db62451845d7b53f38c54ad7da7a
-
SHA512
35dec58a6525f91f6edb2cd9ef3e53f76cbee700ac7e489cda85a443835d210cbef4d369eb3084cb4ad8f5a06a281ea35908249ff6a4f566623c99d7c94487e9
-
SSDEEP
393216:w3Bp4yJDyaxkvEIeg/sczcezXEbpFS+zYeOPuet:WBy0Gax2fbDlzEbpFfzYeO
Static task
static1
Behavioral task
behavioral1
Sample
4f5a8b7ca30c757f4cfcbd338d79dd06ebb6db62451845d7b53f38c54ad7da7a.msi
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
4f5a8b7ca30c757f4cfcbd338d79dd06ebb6db62451845d7b53f38c54ad7da7a.msi
-
Size
13.7MB
-
MD5
afb73daab97a1a8fb156ed34715a01ca
-
SHA1
ecb0ea164d1d1ceea4a0fb0d06f61345f4a65ac3
-
SHA256
4f5a8b7ca30c757f4cfcbd338d79dd06ebb6db62451845d7b53f38c54ad7da7a
-
SHA512
35dec58a6525f91f6edb2cd9ef3e53f76cbee700ac7e489cda85a443835d210cbef4d369eb3084cb4ad8f5a06a281ea35908249ff6a4f566623c99d7c94487e9
-
SSDEEP
393216:w3Bp4yJDyaxkvEIeg/sczcezXEbpFS+zYeOPuet:WBy0Gax2fbDlzEbpFfzYeO
-
Gh0st RAT payload
-
Downloads MZ/PE file
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-