General
-
Target
bcb1bfa21a7bca8ec661407cd0d436a1244603731f12b33a8836e93399834f8a
-
Size
732KB
-
Sample
230408-px5r2add29
-
MD5
5aefc9ba18864aff379d93ac1b26f2a0
-
SHA1
646dac20761edc3a9d4041b66840a85e850a86e8
-
SHA256
bcb1bfa21a7bca8ec661407cd0d436a1244603731f12b33a8836e93399834f8a
-
SHA512
0cb82614ddef4cd77237c166a4a8a462933c2cc299d37946a30138fd1cbc4c722436e4ed21e3b276b09e0a3845a729d0635602738da54126ef1b36c053c1209f
-
SSDEEP
12288:TQfiNIK+Rbv22yPkH3aQDnUIUw5Z1Eau/RriXeI7dBalqsZI:y0II2okHqdIP/C5UdBx4I
Behavioral task
behavioral1
Sample
bcb1bfa21a7bca8ec661407cd0d436a1244603731f12b33a8836e93399834f8a.exe
Resource
win7-20230220-en
Malware Config
Extracted
gh0strat
103.39.210.95
Targets
Target
bcb1bfa21a7bca8ec661407cd0d436a1244603731f12b33a8836e93399834f8a
-
Gh0st RAT payload
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-