General
-
Target
5a046650824cef1294192a002110bf4bcb7c29570d9b7ccfbb35ca6fc4d01357
-
Size
3.0MB
-
Sample
230830-yehn8ahf5y
-
MD5
cb55d677cabdbdfc732841e861b50abb
-
SHA1
014d9bc40d5c5dccbdf7928514b597eeb3bbe894
-
SHA256
5a046650824cef1294192a002110bf4bcb7c29570d9b7ccfbb35ca6fc4d01357
-
SHA512
f0c08cb93c3c9268ef81b610923ef74ce2d162b89f7f734088b288e8fa45a4e200b5fe48b13f976d0a9750c76499ada2f8a16634fe7f53e299787e80a70a16b2
-
SSDEEP
6144:q46iVZNa86sqSp5YEi68dBjYkOhDgAf3AQH0Qsay50v76GqY820C:q45KST2vYkOhDX0Zz5S768l
Static task
static1
Behavioral task
behavioral1
Sample
5a046650824cef1294192a002110bf4bcb7c29570d9b7ccfbb35ca6fc4d01357.exe
Resource
win7-20230712-en
Malware Config
Targets
-
Target
5a046650824cef1294192a002110bf4bcb7c29570d9b7ccfbb35ca6fc4d01357
-
Gh0st RAT payload
-
Sets service image path in registry
-
Deletes itself
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-