General
Target: cc0dde01117d35378089919a0ec3ca678e6beceab3f093c1526df4949ea46c7b
Size: 80KB
Sample: 240419-wf7cvsca5t
MD5: 73f3e4b40dcb9101ddcfea5365feb164
SHA1: 6486e8bf1aeebbea72ccef000ccc2e3a9f8bc400
SHA256: cc0dde01117d35378089919a0ec3ca678e6beceab3f093c1526df4949ea46c7b
SHA512: e226e84307be615821477e229e13a7de92f39349aec3bb14d58dc7db6e1de877ea3232c472fd769e5a8ee672002c634343acf9b2e4035c87e98e22a268da7cfb
SSDEEP: 1536:cCEhyR6S+8vUZ1zvBU7qQaAfrTBXuyIIr61+knllzklbiGVd3DiJq:cbyW8vwMGAfrTBXuyIx++z0iGWq
Behavioral task: behavioral1
Sample: cf8ecb6dbe903a56679d0adaaf5588a58c0f5ac1999fe187189e4d04c916015f.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: cf8ecb6dbe903a56679d0adaaf5588a58c0f5ac1999fe187189e4d04c916015f.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: cf8ecb6dbe903a56679d0adaaf5588a58c0f5ac1999fe187189e4d04c916015f.exe
Size: 83KB
MD5: 50d4a04522a21e540cbf368f49432778
SHA1: 55a4445ad3213788803c3fcd5adce45137b3a155
SHA256: cf8ecb6dbe903a56679d0adaaf5588a58c0f5ac1999fe187189e4d04c916015f
SHA512: 08ebf0b333ad8dc8951347437bc2f1b7647763aaf4dce13d8ab1db14bc66539fd58ba263572b57e07c24b4470b3100585e881a843d663dff1eb7e5201f4e4bae
SSDEEP: 1536:5M8/+vtlxZTLY9qgJodItYg2pyb4WR927FSijIVTUKvScg7DSf:T+rx98qgJoItKfqYpxsYcg7DK
Score: 10/10
Gh0st RAT payload
Sets DLL path for service in the registry
Deletes itself
Loads dropped DLL
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Drops file in System32 directory