General
Target: tmp
Size: 29.0MB
Sample: 230328-n1bspacd9x
MD5: 0eced94273a76722b8867efad60b9c4c
SHA1: c11788a3d35d6ed77d696fbdde22ad5c3bf86e3b
SHA256: 36fadbc7a0058168dc9f341447cd8e32021bbe49d88ee23a3486d8dc7b58b863
SHA512: caa256c921d4c67ed8ebc308619b83003a63e45fc592285323fbfc4541c0b9a26e8f156e8d990bbb5a35e44ce7b69aa1fd6c31f8ca299ef5065c800128cd4237
SSDEEP: 786432:leyuVrGdvL3GL5D5cozOBtphqBMyws8Kk6FtiaUKFyP2S:g7YzO5D55qrOus8Kk6F0aUH2S
Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20230220-en
Malware Config
Extracted
gh0strat
103.127.83.61
Targets
-
-
Target
tmp
-
Gh0st RAT payload
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-