General
-
Target
050d922ddefbb64dfe1493f7ca7a6fab3aac8c6e71b7da4eb656535822292403
-
Size
2.3MB
-
Sample
230207-ppalxsbf63
-
MD5
da86020dfe6864f4d1cd5d9cca81b07e
-
SHA1
fc063a1e268fc3ecf064b6acf727d9dad2036ac6
-
SHA256
050d922ddefbb64dfe1493f7ca7a6fab3aac8c6e71b7da4eb656535822292403
-
SHA512
5efd33e7efd467dd452b07b7372bbdb4099b7214fa964e5a6f8acab51303d72fb61b41b2b0e7dc3a86069a641b7903fd96086298c3dc0096ea3b57474821ac25
-
SSDEEP
49152:0dITtmhdLLX4+K7AFc6eUbJ8HeNnENfpFMPGO42djTHVGabM1:0dWtmhd3IlgcC2HeaNfp+uOfjTK1
Static task
static1
Behavioral task
behavioral1
Sample
050d922ddefbb64dfe1493f7ca7a6fab3aac8c6e71b7da4eb656535822292403.exe
Resource
win7-20220812-en
Malware Config
Targets
-
Gh0st RAT payload
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-