General
-
Target
1dec6d31ca949426cb41ab2ae4bdc383f81e0511c12f5416322a19975959c50e
-
Size
1.7MB
-
Sample
230828-g8mftsae2v
-
MD5
bc02113864af84d18c346712db1df77f
-
SHA1
95f28a8f4e469d1043dd2f07773c7d4f8688b10a
-
SHA256
1dec6d31ca949426cb41ab2ae4bdc383f81e0511c12f5416322a19975959c50e
-
SHA512
453f698479f084d15737832f847510135fbb4f372dba35188729ffcd78246e46a89dceef4b7a85afcc931bc011460943c33083c33d96824a50bec97d0ec5e2e4
-
SSDEEP
49152:vEd635swwspNRHEV3lkj8h+rFZ9PepBKpkw:vEO5Nwsp4Flkj8hS9PeN
Static task
static1
Behavioral task
behavioral1
Sample
1dec6d31ca949426cb41ab2ae4bdc383f81e0511c12f5416322a19975959c50e.exe
Resource
win7-20230712-en
Malware Config
Targets
-
-
Target
1dec6d31ca949426cb41ab2ae4bdc383f81e0511c12f5416322a19975959c50e
-
Size
1.7MB
-
MD5
bc02113864af84d18c346712db1df77f
-
SHA1
95f28a8f4e469d1043dd2f07773c7d4f8688b10a
-
SHA256
1dec6d31ca949426cb41ab2ae4bdc383f81e0511c12f5416322a19975959c50e
-
SHA512
453f698479f084d15737832f847510135fbb4f372dba35188729ffcd78246e46a89dceef4b7a85afcc931bc011460943c33083c33d96824a50bec97d0ec5e2e4
-
SSDEEP
49152:vEd635swwspNRHEV3lkj8h+rFZ9PepBKpkw:vEO5Nwsp4Flkj8hS9PeN
-
Gh0st RAT payload
-
Deletes itself
-
Executes dropped EXE
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-