General
-
Target
d2917799bb47bda19b1310a56290995dfed005bd318656d647a9c3e46a8fd117
-
Size
1.6MB
-
Sample
230828-dc91gaeh89
-
MD5
bbffe4ad49a192556a933decee1c0614
-
SHA1
b1fed18a09018aae23459b6ad673c861fbadbbfd
-
SHA256
d2917799bb47bda19b1310a56290995dfed005bd318656d647a9c3e46a8fd117
-
SHA512
da02389a16fb70334aac3b5d3b923cf0128d5f1db793589c49681562b233e3e35e49bd299dc583e1e3264587bccf515eb894c6cbe5d4b6fa6ed76cae09406190
-
SSDEEP
49152:ZHf+cWJKq358AJoaqMyY58V4M+gF7Nvas7tc1/xh:5fpWJKq3eAJVqMgSM+gDas7O/
Static task
static1
Behavioral task
behavioral1
Sample
d2917799bb47bda19b1310a56290995dfed005bd318656d647a9c3e46a8fd117.dll
Resource
win7-20230712-en
Malware Config
Targets
-
Target
d2917799bb47bda19b1310a56290995dfed005bd318656d647a9c3e46a8fd117
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.