4db59a0e1bfdc3d12b222f6e2de79dc7ec9670796dcfeffa77aff3d2c0cbbb5f

Sharing

Copy URL

Twitter E-mail

General

Target

GH Injector.rar
Size

12.5MB
Sample

240328-m63ypaah9v
MD5

e3f65c93149ea0a6f55e4fd91612b318
SHA1

ba3b6370d39d2c2f6bd87355f86a07007af54725
SHA256

4db59a0e1bfdc3d12b222f6e2de79dc7ec9670796dcfeffa77aff3d2c0cbbb5f
SHA512

256cdc3aeaee14269fc5bd6b8afb309968e0a4d04bbcebc5a542334c3dd8ad378c23c5704e9e470062981ec04bffc227f96ec9e95f97579b4fbb25eb1a2ea36c
SSDEEP

393216:yTJasiwfKmb7Pp7RLtMzVc1q4a/r8aIEZAedw:yTJaofH7R7FKzV/foaJhdw

Score

8^/10

Malware Config

Targets

- Target
  
  GH Injector/GH Injector - x64.dll
- Size
  
  522KB
- MD5
  
  01440d8b015430565abfc50b3519ea67
- SHA1
  
  5971d3a83b7c8719b8448cb1cbae562a2b038132
- SHA256
  
  501e8a87b3fba8ba951106b6f421e6e9807004ad65cc78a97f279e95f67f4a62
- SHA512
  
  f6b712acb8b2ef6ba55ce1d179fd54e511b0cdecf3f7680f25c7ebfddf1a8a64174e67896426cb965005d4889fb108cf673d3358b16d959b8c702914f0a6b0b3
- SSDEEP
  
  12288:Frbp6a0F+VdaMtLrZCunAqOph0lhSMXli2/vX:FB6OTTPbEh0lhSMXlpH
Score

8^/10
- Blocklisted process makes network request
behavioral1
- Target
  
  GH Injector/GH Injector - x64.exe
- Size
  
  3.8MB
- MD5
  
  f1f15ed0c8fd18e21eed6ca1d076236a
- SHA1
  
  0271a880a68026a061bc15d216ff7dfae4bd1cd9
- SHA256
  
  cfb107a9ba844ce32b62bda3701025a25c42b40c219dc71fa4eb875cc3ec7d75
- SHA512
  
  8aa0c2ef8c09b23e84d73899130d87c3a2dd3c01331891c2a233cedf53b55f5ef6608bc5e681a99ad5bd7765cadcb6771284b0c691b8bbebbfd6e24b6811cc58
- SSDEEP
  
  24576:Avf09aJEbNYoO4vQ15fyC3la4oSJwpYs6iW55lR9J4dWJp1avPBKlh0lhSMXl/dS:as9oBdHfyc9oSJwYJEJK8PdS
Score

1^/10
behavioral2
- Target
  
  GH Injector/GH Injector - x64.pdb
- Size
  
  13.7MB
- MD5
  
  57e65a50950ae9aa23a84814900fc1ef
- SHA1
  
  4076ba410f725ecc8451823fcdf2a205b5f0add7
- SHA256
  
  c43eb7e890970c8a9745aa8f7bb4f6544aad86ac96a0e50cea0b8cf4655e969c
- SHA512
  
  75f7193cc46f28dc084ac8ce00e5938ab154a4014e4b17458c22acdcc2361dc0394898e7a14d4f0ae0cf35cc9dc03ce1b8ba7e564f7fe38ab4fe8078f57f996e
- SSDEEP
  
  98304:+5EMmkhhyODKbUmEJ/CqaNyHt8afDmX5LwRxL0s2kHdPXIGUrk7EKnK3V129srQ:WRx4cHUrsGrW
Score

3^/10
behavioral3
- Target
  
  GH Injector/GH Injector - x86.dll
- Size
  
  412KB
- MD5
  
  d4be3b61f2f434f2711cf8c7d16ce573
- SHA1
  
  5725621d526d1d2410733b3787d9ff478d6d762a
- SHA256
  
  a872bca69d76df5df4a3892443f1ea714b5bb6da2c4503c208003112bbe2eae5
- SHA512
  
  e0faee22833c77861a20d7800ff26e9c1c43bd5273e043304c62b40476eac9f0c00964147a626d9f2ed5ef0f78958d58e77856813b4fd8fb224cee3bbcd65a12
- SSDEEP
  
  6144:5cnimUQVUY18MTzkZli0u3942lqoRAph0lhSMXlBXBWHOssOdrR0pEW:WUY18MTzsliL3940kph0lhSMXlCOrz
Score

8^/10
- Blocklisted process makes network request
behavioral4
- Target
  
  GH Injector/GH Injector DNP - x64.dll
- Size
  
  48KB
- MD5
  
  c11003e6214b65f6e533234db0fedfa6
- SHA1
  
  a3efa346cf325e2ed049923e86a22f830373cf26
- SHA256
  
  e3ab5ad1e4626ed2071ab74f250af2e5c11eeaffacd452030949d80028bbeb9e
- SHA512
  
  5812104b9bcadbe0a9499b248deea96baf88607d4143416885bfd012660f1fd283ed2220ac105eeee02c6d8642aba2115dc2833e5cb684964539ce547925be70
- SSDEEP
  
  1536:/h2Dy8PPlEwgvQtkOiMEE31j9vEBP68hl15YnwPxY:/D8PlgvSkkcYgxY
Score

1^/10
behavioral5
- Target
  
  GH Injector/GH Injector DNP - x86.dll
- Size
  
  41KB
- MD5
  
  ac1e179db9e1662cd5eadf7d270e4ecb
- SHA1
  
  d4e8ebcc1d95f4ccbb2bb1680ad2e56f46f958e6
- SHA256
  
  b2f7d9c60e51654c3c6f0b40b5a8bffaed3f4bcedbd7e35af42f4e7f50a941f4
- SHA512
  
  ea2d9a04e321af21a2bba4fdd42b74ad4ea25ec35e60859821a472a05bf23a6e30885caa265482b3a92a912a87a8e1a5c0c479c5f3cc38a288338dd4b7d7c82b
- SSDEEP
  
  768:FBUog5/tyehkZAmBTqMsh19zh6+XFRNy4KZrojDgvEOarEJPxL:7Uoq3yVTqf1jzjxvgdDPxL
Score

1^/10
behavioral6
- Target
  
  GH Injector/GH Injector SM - x64.exe
- Size
  
  43KB
- MD5
  
  f2f96c8dd68ff07644cf13d6a3be6e54
- SHA1
  
  e723aca4e748472643e745a07d9009a0abcdeb79
- SHA256
  
  27498dd23557d1d7e0090c6acc4deba0970dc805199d58ac58932563c2a083f6
- SHA512
  
  9539d554c7d8bd2187271e5d940d3626ae2a8e096377485e0ebca34f7e6272ad59c3decf4eec5d15f4e3cf625dad105001ea5159f44b6a1ae69be47e47028bcb
- SSDEEP
  
  768:XmzeToRggozVGchZOZ2PlKswhJ/MttjX1crEJPxQ:XmzeT0oV6Z2b9TPxQ
Score

1^/10
behavioral7
- Target
  
  GH Injector/GH Injector SM - x86.exe
- Size
  
  37KB
- MD5
  
  2f30c85d0cc2b3621ee86e91f73525b6
- SHA1
  
  fd252188e5a32c288f8a3c481f6684845cd2266b
- SHA256
  
  d68dc9d1ee0b2f910cece43115bc07fa555f4fe7b891b740787ede1d858f8f55
- SHA512
  
  b877d6c0248ccdeaaf5ca717a0305c3d65b5d2dedb04659c0531f99e1ffaf784889a50bf59443727a823a7b2e7483469e36b2840484d101a38fd7fbc2a30017e
- SSDEEP
  
  768:fMK34i2oiTsiOzI1MKK0sn0sD4zq+5H0ZsJOht4j3rEJPxlbp:fME4RoiTe01E0sDMMb4+Pxld
Score

1^/10
behavioral8
- Target
  
  GH Injector/Qt5Cored.dll
- Size
  
  12.3MB
- MD5
  
  4ee7ac324351756ac9c580ba1dca3bda
- SHA1
  
  c961a3ec4783be2ac1275ea77a6ee1e596247dbf
- SHA256
  
  369ad8811f0f26e58a5b95875efbba6ea5eb1a37bdfdbaa92fb7920f06d226a1
- SHA512
  
  c482bac99743ce06b93fe4bf551874f574cd90de738d44d10b87bf7ce8fde79109cdf9edaecc9d1276b227476d16e963ef427b36a989423b4633c995dd3f8839
- SSDEEP
  
  196608:PqIDGpddH+e3FbP0Jsv6tWKFdu9C3DUxqfFF6:PqI6pddH+e3FbcJsv6tWKFdu9CTUxqf6
Score

1^/10
behavioral9
- Target
  
  GH Injector/Qt5Guid.dll
- Size
  
  16.4MB
- MD5
  
  34b3de16f1a6d1491737e309a9e8d828
- SHA1
  
  9db2943c41e99e6680752279cab2854eff296ed4
- SHA256
  
  7f21393a91952e12e3155ff9261e3d254ff12c14c23f860a0049add7c4ad1a18
- SHA512
  
  31d315a8eaad6c5729e329dae48999925fd61fffd29b01585a18891c1399dac4fcbb552bbb2832df9304cee27ede4d48884bd3789895d5cf3a5679dd5eb1d757
- SSDEEP
  
  98304:/7O3pr5w56Eg/nhg/KWmzEe9Ixp8UMqMyZ1ZtSC+WhhHJnylQ4n3sL:UcKWmz16p8TNyXHRylQ43sL
Score

1^/10
behavioral10
- Target
  
  GH Injector/Qt5Widgetsd.dll
- Size
  
  11.4MB
- MD5
  
  5c267dabf54786e267d29c0ef338613a
- SHA1
  
  fdccb15b2e14af506fa10c3192d2da9c53cab67e
- SHA256
  
  7a1e7d0066eca070bf189f2a21cea2344f322329e8b6a4cf2b2e492487d8593d
- SHA512
  
  ebbdb38d9007eefb0544c5266780c9c4ad885d87278435947b2cc748ee1525cd4cc28a4db98893ff0f7f61f9e66545286bc1927122f9beb2930e021d2a069a39
- SSDEEP
  
  49152:X7Uq78MdsudFeegKGKVkP8wt/VabA44ssYFvO+52xTk2/r6kAiAOyFbndInyz1ZJ:VB4/d+nOyj7hYax
Score

1^/10
behavioral11
- Target
  
  GH Injector/Settings.ini
- Size
  
  817B
- MD5
  
  8427d28f4514b1f43dbe3d13d42dd0cf
- SHA1
  
  6cfa75f373889c3c7be1d359160ab8872f63f099
- SHA256
  
  c7e1e7a1bb9b77aeae4f85e21be7500a65df616ef65fe60526602648e089a5c4
- SHA512
  
  803cc34589e960503122daacb2aa970a18c5bb1bc2cb3711e65c5c6a67f1c71481bcab5741beab2ff3e28a7ad5f0404642b9f1dd30cbb8678d1d381ebf4a9705
Score

1^/10
behavioral12
- Target
  
  GH Injector/clang_rt.asan_dynamic-x86_64.dll
- Size
  
  1.1MB
- MD5
  
  3850901ddddf32fd33aafaf3d07c8509
- SHA1
  
  d461c72c34841752401121f94e288e8df7d79bee
- SHA256
  
  31b5e27cba8214fb0433a6a0c5575b1c2d708b168b02940a86aa1dd5a5218f2f
- SHA512
  
  3e04cf27e8d9b7a50dc3bbf8287e4eaa83f5f165ac8fb6b2df82dece970c2d1ba253859b8eaf7c9cfe50c0ab72e5119624401d9156df9d9f859c8aefd7454167
- SSDEEP
  
  24576:0ppwi4h90xnjBKuzJnvd0UM8UTMZ3Lb+cx:6pD290xnvUTMd+O
Score

1^/10
behavioral13
- Target
  
  GH Injector/imageformats/qjpegd.dll
- Size
  
  807KB
- MD5
  
  627957adaf1e21715e78b558dd63670d
- SHA1
  
  c75115afef779dae4a06a1afa013cdad50338fe4
- SHA256
  
  d2d58cb9c44697539c68d407ff60462411fc7c3656113b9865c376e1f26c3494
- SHA512
  
  997f4d89f6926a091e403dad6f84050d951d9a9dda5ec5306e2a16bb1202f9ec370db5af38c9dc2e4fe667938803e979c1443e2dd11d3c787f3046de849fab0c
- SSDEEP
  
  6144:eSPFeTrO8PaddtZTyIV55VCVqPRRm4J2K1plYVoc7HhsVxT10gze+:9PnTyyPC74JJ67+
Score

1^/10
behavioral14
- Target
  
  GH Injector/platforms/qwindowsd.dll
- Size
  
  4.3MB
- MD5
  
  a50b468ec20d1267ca8d47641a4859db
- SHA1
  
  a73fb5980c3b2b37308272e35dd9cc741e08a11d
- SHA256
  
  164f5be6e129fe2a0d5e70d781e834cc93edc1e437815267890d89a1aacfd3cb
- SHA512
  
  f05cad4ffcf8d4aa4ae0d838f48561bc220d6939b20981644a4b15fa36260e8e57d96499d323fb73baba0c594f4d83b49f1525e943b196299f2a2445e774ee22
- SSDEEP
  
  49152:iWTwWKCI21UnsrKXQ3whUlEEGeG4RNZ1pyew0goaTrufkoI88s:e9Hyz9
Score

1^/10
behavioral15
- Target
  
  GH Injector/x64/ntdll.pdb
- Size
  
  2.2MB
- MD5
  
  fe6cfcc4e70854ef405b1efee17ca800
- SHA1
  
  0ee98787e8b27d086038390084b3ea33183fbd77
- SHA256
  
  f72c3da35923574dd0ea1417154b0d502e29bed1ef4ed75936ed050e7404e2fb
- SHA512
  
  d9968a647915d27f72aaeba885e644a2083c21fe7737abff79be466764e828ae7a499d22658cb58fd657037fef796f8bb1e269191d162fa259ff3b3bc701c3d7
- SSDEEP
  
  12288:DzQYSmwbZu3eJ4eA4OQGiTsAsrDQQYsD7cbrVcr:YYSmguleVZxE/6VY
Score

3^/10
behavioral16
- Target
  
  GH Injector/x86/wntdll.pdb
- Size
  
  2.1MB
- MD5
  
  283020f2e75f408af029ab0027faf58f
- SHA1
  
  32a772d13e852f5217227ee17b0aaa0fa94bd890
- SHA256
  
  59069fc197346dcde316cdbf605d66ebf6e5939f7f6a30412ec2b515546ce4c7
- SHA512
  
  fc0f6c08062f4700833992241c8f2fde30e8ecc42f429e52ba71b38c9b83a0f89700aa05983f17808f0fa9b9d7c3e1d0a6835380ff7e7a9ce67fa4a578a846f1
- SSDEEP
  
  12288:5ThgfgLz5droYjJU+Csp+WHKwMRC2cEC3ZrvCtK2xT7Gq2plz8T:cfg9pZti/Taz
Score

3^/10
behavioral17

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Blocklisted process makes network request

Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17