098ac3e6c47da12ac756e082e6bb8140bce495f8e8383c9e5ac90e777301485f | Triage

Sharing

General

Target

Ghost_Chair.exe
Size

902KB
Sample

240524-eaa9ssbh23
MD5

be281884ffdbd2de2c56b96d02c16d15
SHA1

8a28794e32a143959fdfd5620b92face0499f632
SHA256

098ac3e6c47da12ac756e082e6bb8140bce495f8e8383c9e5ac90e777301485f
SHA512

fc95e7b5b6664a08a009b1dea82b18f1ce82c7aafb5719edb128d3f5e2441f58eeb67d77f50d4a57ae209339fce816714a39e79d6a2cee18bf501e3193453269
SSDEEP

12288:wm/rWPJbiF+hz5ptMhh5BOjxRwD+DdAs4eWD+PZE9O2bJIC0fDNN:JrWPhiFmzvO1OjTouRBM+O93l0fZ

Score

8^/10

evasion execution

Malware Config

Targets

- Target
  
  Ghost_Chair.exe
- Size
  
  902KB
- MD5
  
  be281884ffdbd2de2c56b96d02c16d15
- SHA1
  
  8a28794e32a143959fdfd5620b92face0499f632
- SHA256
  
  098ac3e6c47da12ac756e082e6bb8140bce495f8e8383c9e5ac90e777301485f
- SHA512
  
  fc95e7b5b6664a08a009b1dea82b18f1ce82c7aafb5719edb128d3f5e2441f58eeb67d77f50d4a57ae209339fce816714a39e79d6a2cee18bf501e3193453269
- SSDEEP
  
  12288:wm/rWPJbiF+hz5ptMhh5BOjxRwD+DdAs4eWD+PZE9O2bJIC0fDNN:JrWPhiFmzvO1OjTouRBM+O93l0fZ
Score

8^/10

evasion execution
- Stops running service(s)
  evasion execution
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionexecution

behavioral2

evasionexecution