General
-
Target
tmp
-
Size
4.6MB
-
Sample
230402-q1va5sgf35
-
MD5
9665de160f7695ba54117e9e3619564c
-
SHA1
7b49f7051f16188b14bf073c8e770ebbd005bdea
-
SHA256
cc68b5edae8acaaf394ae0b92b6199f83630b9d66ba60152f0db0aa849cb0ece
-
SHA512
5e035593ca524999b4b8dd275d754ef52f38de24c251699ed5179f2fcf5c12e7a92e1aea67bc52d22954c324afec786c894643b5a1dd7f0f2bc331c3fe32968b
-
SSDEEP
98304:3i/XDlaVlI4AhZ67RlXoAfZROOxbK58+FrzpxsUGqbgtXOgTM1/0oKU:3KD0m4A67DXfqOZ+8IIUGqbI+gw/h
Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20230220-en
Malware Config
Extracted
gh0strat
190.92.242.47
Targets
-
-
Target
tmp
-
Gh0st RAT payload
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-