General
-
Target
44c220651856acc5554db7067e2cc4205a947044142604f6482952e802cf36b5
-
Size
141KB
-
Sample
240422-yz9y7sff9s
-
MD5
20106927ddeb4caa29d0c4879bc82f3d
-
SHA1
5bbb91b7c923a3b81ab7baa3122ae1f76a9899f8
-
SHA256
44c220651856acc5554db7067e2cc4205a947044142604f6482952e802cf36b5
-
SHA512
11f8b8b0a50026017e21d76c171b44a8f661af63676b95b6ac88a97f06801e97e7f5ebf0b22a5bfa34ca82e2ff8f051ffc6f6dbd141cc6e5656e0250b0cf5c82
-
SSDEEP
3072:nUDBHy4BBy6eFJrmmIewRxMzJSQ6rVf0SAeq:n0yB6oJrcRMQxrVf3
Behavioral task
behavioral1
Sample
44c220651856acc5554db7067e2cc4205a947044142604f6482952e802cf36b5.dll
Resource
win7-20240221-en
Malware Config
Targets
Target
44c220651856acc5554db7067e2cc4205a947044142604f6482952e802cf36b5
-
Gh0st RAT payload
-
Unexpected DNS network traffic destination
Network traffic on the DNS port was detected going to servers other than the configured DNS servers.
-
Suspicious use of SetThreadContext
-