General
-
Target
1ee3f1938ad18ae907b52733bba4591b7ea37460327eeaedc1129a0f2dbe452b
-
Size
1.3MB
-
Sample
230823-3yl8zagf54
-
MD5
6c9b6df5a7f81d7b7e700cb894358e93
-
SHA1
39561e9974c30495bd6543ccf816fb08b1f018de
-
SHA256
1ee3f1938ad18ae907b52733bba4591b7ea37460327eeaedc1129a0f2dbe452b
-
SHA512
d440148edfb1a84c3a44c7edcc2c334301489d24245ea0cd257ee8a910875a3471c7799baa657cd8c8639bbebb037a60fb5e67d81f440e964d1999b05d1f2899
-
SSDEEP
24576:dOyHutimZ9VSly2hVvHW6qMnSbTBBhBMNa:QHPkVOBTK
Static task
static1
Behavioral task
behavioral1
Sample
1ee3f1938ad18ae907b52733bba4591b7ea37460327eeaedc1129a0f2dbe452b.exe
Resource
win7-20230712-en
Malware Config
Targets
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-