General
-
Target
tmp
-
Size
1.2MB
-
Sample
230328-gd8etahb58
-
MD5
44f50973ac66fd83be9411d6ab53446f
-
SHA1
6660ac4bf320699b43776f0d3f96c2b1cab104d3
-
SHA256
6a97f44c2a3d62603e7870723ee797abd5d2af53e12662f0d9e0ca3c1d82e297
-
SHA512
80a51ae37153d1385119ffbfe14a99032898e45369a1353d4483c8d4256cce419baca447cb025dcd7fa31a9abb0a98f281744040bdb7731b48a828441e2ef74d
-
SSDEEP
24576:uyDoTqctaY5effnW8RDsXOvvYh1BKy7ILN7qxx+HP288pu3WPs2/:uwoTpE/WwDIngzRqI8p0R2/
Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20230220-en
Malware Config
Extracted
gh0strat
192.253.237.20
Targets
-
-
Target
tmp
-
Size
1.2MB
-
MD5
44f50973ac66fd83be9411d6ab53446f
-
SHA1
6660ac4bf320699b43776f0d3f96c2b1cab104d3
-
SHA256
6a97f44c2a3d62603e7870723ee797abd5d2af53e12662f0d9e0ca3c1d82e297
-
SHA512
80a51ae37153d1385119ffbfe14a99032898e45369a1353d4483c8d4256cce419baca447cb025dcd7fa31a9abb0a98f281744040bdb7731b48a828441e2ef74d
-
SSDEEP
24576:uyDoTqctaY5effnW8RDsXOvvYh1BKy7ILN7qxx+HP288pu3WPs2/:uwoTpE/WwDIngzRqI8p0R2/
-
Gh0st RAT payload
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-