General

  • Target

    CyberGhostVPNSetup.exe

  • Size

    127KB

  • Sample

    231118-xlrd9sfc96

  • MD5

    fd093f3100a56b710c50d41667da7e2b

  • SHA1

    5ec9063e4380f642d2a551da76fd4d3f00fd4c96

  • SHA256

    f6dfae75fd23c0446ec1721994cf2530c66bd76366423176414747b39153bf58

  • SHA512

    d3daebf6e3669a4b2a944e60d97c86fd31878cea66e252f05ea8d23f92c1f02ef8e6f4dda250b979a9b9df3fa71dc43c4ab98e2cae52e7687861d1e9a3dd09c0

  • SSDEEP

    3072:ACNd5JY06+ywjDnJShh8N7JNzFrxO/DLxPO4GV:TNVPtVQ7LtOz

Score
8/10

Targets

    • Target

      CyberGhostVPNSetup.exe

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.
