General
-
Target
da3c7db2e0bef60c959a84de7b4832c75f27b35ee600b8115007bdb93d31d9f3
-
Size
1.1MB
-
Sample
230827-3v8mssdh39
-
MD5
6867c52cb18de6c3d299b5f8b4d23942
-
SHA1
8cab246f4181fa771beeb7eee4ec8a211d5a5184
-
SHA256
da3c7db2e0bef60c959a84de7b4832c75f27b35ee600b8115007bdb93d31d9f3
-
SHA512
043e85095198c812dbbd70f1737a61960608684b807940db8024c39c870a5186649160497bf4710a2b1287f2a1012682be251ab3c2601ebdfe49085b6605827d
-
SSDEEP
24576:FKGWrq+itBV6Q5k91qeu6Fid/sb0El+jFCPUw+pG4fIfgW/R5tYGb9Mrr4Tbb:Qq+it76kk98eHFOswKUw+pOYWDtRGETn
Static task
static1
Behavioral task
behavioral1
Sample
da3c7db2e0bef60c959a84de7b4832c75f27b35ee600b8115007bdb93d31d9f3.exe
Resource
win7-20230824-en
Malware Config
Targets
Target
da3c7db2e0bef60c959a84de7b4832c75f27b35ee600b8115007bdb93d31d9f3
Gh0st RAT payload
-
Deletes itself
-
Executes dropped EXE
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger