General
-
Target
brunoHacker.exe
-
Size
408KB
-
Sample
230617-sldqyscb68
-
MD5
cda724098f73a391b79378ef37177297
-
SHA1
c452c06614d914765eda8c33b7e618bdcddee50e
-
SHA256
6e61574af212af8a984e691c74b9bbd91d52285acd60fb778629e9bf13262b2b
-
SHA512
685f166a531911801fafaef22ddb91b43f040a7fe24a06c02c9bfd0db1b04b3982dbcb907b255fa93174f813aa754483d237a9173cc7788f44f41531ba680e1e
-
SSDEEP
6144:c2GWQGcZTVN+0yB6oJrcR/QRqrGj7LWd1ZDg7HHEqrGjG5vYEA:c2zQGyTVVYJrjqrG7uMHEqrGkvYE
Behavioral task
behavioral1
Sample
brunoHacker.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
brunoHacker.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Target
brunoHacker.exe
-
Score
10/10
-
Gh0st RAT payload
-
Registers new Print Monitor
-
Deletes itself
-
Executes dropped EXE
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops file in System32 directory
-