General
Target: 711f380c4024bf5195aae1415cbd25c2b19926ca67e66e8f25e13e7debf7be27
Size: 11.0MB
Sample: 240524-d5gvdsbe7t
MD5: 3670f9f280bee7c6ebabdaf61848c266
SHA1: 3caa4033f06f14f8d84703edd65f5bb4f403e451
SHA256: 711f380c4024bf5195aae1415cbd25c2b19926ca67e66e8f25e13e7debf7be27
SHA512: c43096823a58c67a73d0b15550035abb9a8f447f44b47775faadda67f28237e720d2e838c8409ebfe9d31978102d193136ff6b25aa52bbf4ccebdcc35a1e82d2
SSDEEP: 196608:mWT9nO7jay6rW3svpOgOGYS6YmKy/i7h6iyHlEMsfgf5KXi:G7jd6npwjdZ/mZzzgf5
Static task: static1
Behavioral task: behavioral1
Sample: 711f380c4024bf5195aae1415cbd25c2b19926ca67e66e8f25e13e7debf7be27.exe
Resource: win7-20240220-en
Malware Config
Targets
Target: 711f380c4024bf5195aae1415cbd25c2b19926ca67e66e8f25e13e7debf7be27
- Detect Blackmoon payload
- Gh0st RAT payload
- Drops file in Drivers directory
- Sets DLL path for service in the registry
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger