General
-
Target
test.msi
-
Size
2.1MB
-
Sample
240523-c36v3aah3v
-
MD5
bfd00224b00b9f6f07f424f75cff6836
-
SHA1
2bf889bcc9b413cec07925bac78610391faecaad
-
SHA256
c6b1b984ea4cd7a1ac0c717afe91c3cc78bd2893f7e6a0ad661f7869d4289635
-
SHA512
eab303bd75a18948c7d2e0572f7ffbc1f9165972ec06163bd7e7274b3b743103b3d160d0c1d5b4a0d92735f34f6f6c6a5b9ec6e9c7fbc33494eaf18f564dbd90
-
SSDEEP
49152:p5yULiNbhfDc7yEq9WRhd9Itc71hE7T8XX5UpAH7uidqFWV63hTI97qjfAj:e05q2t7vGA5bkWkRTI9qjY
Static task
static1
Malware Config
Targets
-
-
Target
test.msi
-
Gh0st RAT payload
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Modifies Installed Components in the registry
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory