General

  • Target

    Ghostexp.exe

  • Size

    834KB

  • Sample

    240305-p6qz8sgb79

  • MD5

    e0f5e0769b2e6048824bf49507546bb6

  • SHA1

    9fee315593736164f1393ec4d78bf40d9e2f7091

  • SHA256

    b609bc8d85536ab332b5efd9c8f7d82411b2cc8bdcc366feb3647eba045fb761

  • SHA512

    b7ad67447722298e5f723f966fc2175a28027a71c436dddd725f2e5c65ce5654fbc54f9bd916380721f5ed9d247e2754bef4e4db5d35d3d247e3003376f0ef18

  • SSDEEP

    12288:sCWAgK7+OPpibO9Ntm0gpy456IElQUnByNfJvSdfDzNSjYcwhtGL0iIzgP:8YqsNtm0ggiaQ0BybvinmYSLOU

Score
7/10

Targets

    • Target

      Ghostexp.exe

    Score
    6/10
    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
