General
-
Target
4fe30eccaa4100a2beebc44629172b32ee16df454f28e43fec3ab6c9cc3a555d
-
Size
7.7MB
-
Sample
240525-xhhyqaef76
-
MD5
19546560810ef99711b271c935b2d15a
-
SHA1
154834254edaf11212c4a5ad2ccd3b932eb832c7
-
SHA256
4fe30eccaa4100a2beebc44629172b32ee16df454f28e43fec3ab6c9cc3a555d
-
SHA512
410e4d16f78d5b2840e82033ed9489b088736fce3e0f88072b3e45dcfdb6829b6dc6d8cad0dfaeb279fc05cec4c120f5b12ee9caa9f7464ad09649b1020b222d
-
SSDEEP
196608:WKXbeO7sL+LKiStnVHmnbd78jAWs6rEI/lRZZ:779Kxt1eaTs6rEEvZ
Static task
static1
Behavioral task
behavioral1
Sample
4fe30eccaa4100a2beebc44629172b32ee16df454f28e43fec3ab6c9cc3a555d.exe
Resource
win7-20240221-en
Malware Config
Targets
Gh0st RAT payload
-
Drops file in Drivers directory
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-