General
-
Target
168c01c79d3aa49b9cf9b693d5b35d27f8184caf740bcf5b13a0117b3efc4404
-
Size
1.6MB
-
Sample
230830-1fqsbsae61
-
MD5
0559afd591013f888f0fd61745651b53
-
SHA1
52de24e8c4b9160e2ec24cb46cfdfd382f8e3978
-
SHA256
168c01c79d3aa49b9cf9b693d5b35d27f8184caf740bcf5b13a0117b3efc4404
-
SHA512
b260f01d8bc112783bb60a3e4fdb3dfa446db25209060b02feea74f2a8117ac3451386332d6c55b7d2a4dc3993d3a8b105f52cfe8d0173c2667ea764d70c7ff8
-
SSDEEP
49152:CqwGsaLI26OTQ3sCQXy4+FPiwmWWrhZlE:qP6oO0fQXuibTra
Static task
static1
Behavioral task
behavioral1
Sample
168c01c79d3aa49b9cf9b693d5b35d27f8184caf740bcf5b13a0117b3efc4404.exe
Resource
win7-20230712-en
Malware Config
Targets
-
Target
168c01c79d3aa49b9cf9b693d5b35d27f8184caf740bcf5b13a0117b3efc4404
-
Gh0st RAT payload
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-