General
Target: 148c5b2cb00c6f578823dfddd779b77bee344ef27cbe22009dec9b5c834ad6d3
Size: 380KB
Sample: 240124-axh6psdfdl
MD5: 12309943b39c69df6370ff403d7a4171
SHA1: bc836b00a639388422e08ae612ac6dbcf948dbfa
SHA256: 148c5b2cb00c6f578823dfddd779b77bee344ef27cbe22009dec9b5c834ad6d3
SHA512: 034bf62c46c9ae128abfb4c2f4ddc87c436b2fcdc7449f18304b4f0e0597888a01ad7e6262c99bcbd1b6d53fa588d0cd3ebd0da138a719eb81906719c746b1ba
SSDEEP: 3072:VfK/yLrQbWaR5Qax8qr/YtImroxSnOPMfZSa3aVz9TWFHZg:VeyLEbWaR5CqrPioxSOUH3abWFHZg
Static task: static1
Behavioral task: behavioral1
Sample: 148c5b2cb00c6f578823dfddd779b77bee344ef27cbe22009dec9b5c834ad6d3.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 148c5b2cb00c6f578823dfddd779b77bee344ef27cbe22009dec9b5c834ad6d3.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
metasploit
windows/reverse_http
http://192.168.5.121:8000/8R_B1
Extracted
gh0strat
free.idcfengye.com
Targets
Target: 148c5b2cb00c6f578823dfddd779b77bee344ef27cbe22009dec9b5c834ad6d3
Score: 10/10
Gh0st RAT payload
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.