General
Target: a193953a3d22eb5d267f0a75071f400128a5a07354605eb36da409e81f5a9189
Size: 4.6MB
Sample: 230323-rzq3rsgc93
MD5: 2d3b8d39bd8f40531deafdc0075fe739
SHA1: b418b1d6f0099e8e99917600d14778cfb6890758
SHA256: a193953a3d22eb5d267f0a75071f400128a5a07354605eb36da409e81f5a9189
SHA512: 2adc6f295f54a7e911e7ea735feaa76b9a035db535e1654fc81149de1eeec33bc25f3b70ba332a38697391c47c9239df15ce2bdf7c0aa7484326e0ed113e1f44
SSDEEP: 98304:f1T69a1N423oVs8o5D9AxRJ04fOTnWJ8kbURYM1jm4f3W9+r4:f1TXTKzCG7K4fJIRjV7fW+c
Static task
static1
Behavioral task
behavioral1
Sample: a193953a3d22eb5d267f0a75071f400128a5a07354605eb36da409e81f5a9189.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: a193953a3d22eb5d267f0a75071f400128a5a07354605eb36da409e81f5a9189
-
Gh0st RAT payload
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-