General
-
Target
2f39f87d03668990058955a296f42473abb0ea98650be86556ccd77dd87bf4e7
-
Size
64KB
-
Sample
230830-zxssksac8t
-
MD5
129e24e9749de8d88025d31ac8151fd4
-
SHA1
5cbe83a18b6745e19cd7eb2777a74267506fee8a
-
SHA256
2f39f87d03668990058955a296f42473abb0ea98650be86556ccd77dd87bf4e7
-
SHA512
39245e83a4edad42bb5f65a56428699c48b12a3a47f60aa58e036a1dc9519a72320a08fcc2012bc3e1f0b493bfe2bf096421455ea9173890a1d437f1ffb31ffa
-
SSDEEP
768:uyhk830DYsr3VZG8LyPlrYXrfxanYsqFPUG9fVgcH8gH1TrQSlWVE1K0:fcVAMyNrafxaLGcZgkSTK
Static task
static1
Behavioral task
behavioral1
Sample
2f39f87d03668990058955a296f42473abb0ea98650be86556ccd77dd87bf4e7.exe
Resource
win7-20230712-en
Malware Config
Targets
-
-
Target
2f39f87d03668990058955a296f42473abb0ea98650be86556ccd77dd87bf4e7
-
Gh0st RAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-