General
-
Target
up-tset-x64.3.9.5.exe
-
Size
127.7MB
-
Sample
230410-l9sfpagf79
-
MD5
e48a2e55f1a45d86668c9d8dca33a015
-
SHA1
7c84c4bb3776511c925337a550489a0a9084455b
-
SHA256
6757bdf3922a9c57be8b2b73bc875a34487e27e3f8161f7f94598e13dfab61aa
-
SHA512
5fdfcdf8fa4ad2bd4b86ff5e08d08517abb1314201f20442b3b081180414937f48c0e4d029dcd5978f3d8a9a796e985f5d6150795a1d954b9828323e0da9a341
-
SSDEEP
3145728:ntCyIAERU5gLBva3wsppUHB7lbVtI92tIE+kspv:nMyS5a/nUHvbc92tlZOv
Behavioral task
behavioral1
Sample
up-tset-x64.3.9.5.exe
Resource
win7-20230220-en
Malware Config
Targets
-
Target
up-tset-x64.3.9.5.exe
-
Detect Blackmoon payload
-
Gh0st RAT payload
-
Modifies RDP port number used by Windows
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-