General
-
Target
558e80fb074836c42b5d54d3f20839f1eaab3d8168d0fc4aae1435231e0d359e
-
Size
1.1MB
-
Sample
230325-m1apyscc95
-
MD5
c6e5abd2b25c38c7f5b94498565f7d6b
-
SHA1
26337d29590fcf03be19f1afb0fdda66e53bd8da
-
SHA256
558e80fb074836c42b5d54d3f20839f1eaab3d8168d0fc4aae1435231e0d359e
-
SHA512
58a9a233f89ea16dbfce97f92523cbfd8367ba693c0a695ac9103f0e48611492e0607be3c93db47045668f726fa39d22c196ba817d4eb22d2351eba0e1e44b9c
-
SSDEEP
24576:i7+jI5iB5Rg/IkBd16JSsvB5h8/rmOWn:n3kBd4vaNWn
Malware Config
Extracted
gh0strat
3005.qmananan.com
Targets
-
-
Target
558e80fb074836c42b5d54d3f20839f1eaab3d8168d0fc4aae1435231e0d359e
-
Size
1.1MB
-
MD5
c6e5abd2b25c38c7f5b94498565f7d6b
-
SHA1
26337d29590fcf03be19f1afb0fdda66e53bd8da
-
SHA256
558e80fb074836c42b5d54d3f20839f1eaab3d8168d0fc4aae1435231e0d359e
-
SHA512
58a9a233f89ea16dbfce97f92523cbfd8367ba693c0a695ac9103f0e48611492e0607be3c93db47045668f726fa39d22c196ba817d4eb22d2351eba0e1e44b9c
-
SSDEEP
24576:i7+jI5iB5Rg/IkBd16JSsvB5h8/rmOWn:n3kBd4vaNWn
-
Gh0st RAT payload
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-