General
Target: 15e79771df7f13ada5ab202d2eb3da95afc6b1e026ffd8687dd55c4daede8f1c
Size: 1.6MB
Sample: 230830-st5jmsfe3y
MD5: b9ae95d21d2e7cf32319c3e939073b54
SHA1: df2ee74b12620e486ac41e17fb42184fc4568898
SHA256: 15e79771df7f13ada5ab202d2eb3da95afc6b1e026ffd8687dd55c4daede8f1c
SHA512: 424e913652e805d1ec43aac2c8f31848ebf432b7781b4c1877645d7f5ba797235bcd3abf787de91e2877e25791f15cc79c9fe77ebdcec9edc5579fed6a0fa3d3
SSDEEP: 24576:/fPgoWX1is531r4kmAYeRTvUL87KAJM0UaF8Myes0PcPSLY6FXeHv2NhP/BnSGkM:IoWFisRF5mAYYq82aqMlTrLzFOHOhnSc
Static task: static1
Behavioral task: behavioral1
Sample: 15e79771df7f13ada5ab202d2eb3da95afc6b1e026ffd8687dd55c4daede8f1c.exe
Resource: win7-20230712-en
Malware Config
Targets
-
-
Target
15e79771df7f13ada5ab202d2eb3da95afc6b1e026ffd8687dd55c4daede8f1c
-
Gh0st RAT payload
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-