General
Target: 7a3132895925d9fe27e94795690c5e95c035d222cb4a29ae0cf5ded4d6b6e196
Size: 1.3MB
Sample: 230831-2bls9abb86
MD5: 66d1a5be08297437d08c0b365359ccf5
SHA1: 599ef66c3593ce5fc9549b35048c14c921ec10df
SHA256: 7a3132895925d9fe27e94795690c5e95c035d222cb4a29ae0cf5ded4d6b6e196
SHA512: b8226280647e92b36ac13c9096295e318e385cc7ca65fc0e27c3db303a17e5b9be095489f8a0fec67e9331e8643b1186b1eba0d9c32922bc67da3116545c1a4b
SSDEEP: 24576:dOyHutimZ9VSly2hVvHW6qMnSbTBBhBMNY:QHPkVOBTK
Static task: static1
Behavioral task: behavioral1
Sample: 7a3132895925d9fe27e94795690c5e95c035d222cb4a29ae0cf5ded4d6b6e196.exe
Resource: win7-20230712-en
Malware Config
Targets
Gh0st RAT payload
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Deletes itself
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-