General
Target: a8d2c79839b37e9da7b91be4303c22b29523adb9415172496a537f9a1b276cfb
Size: 4.6MB
Sample: 230828-f4savaab8t
MD5: 75f9b3bb916a9a5f0fbc3d2ae2b15c6c
SHA1: 3db711ee95648bad3e52d8ce8b53780aa0039f77
SHA256: a8d2c79839b37e9da7b91be4303c22b29523adb9415172496a537f9a1b276cfb
SHA512: 2276966ff72597299fb24e323d4e2efc989f38c775a049a78dbaaa42392d90f7aad44cef73fd857b87ad1aa00ab59dffc1f50507467b73d579d68c5397a9a373
SSDEEP: 24576:phUom+wjcdz1GvDBcComjbqI4SixIxWE1r:vUKz12nVjtcCW
Static task: static1
Behavioral task: behavioral1
Sample: a8d2c79839b37e9da7b91be4303c22b29523adb9415172496a537f9a1b276cfb.exe
Resource: win7-20230712-en
Malware Config
Targets
Gh0st RAT payload
Drops file in Drivers directory
Sets service image path in registry
Executes dropped EXE
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory