General
-
Target
a266e21b9ec648c6fffc971e671342aa0e847c4bfccddb50a365f0dfc1bea474
-
Size
3.2MB
-
Sample
240525-xlqsqseh42
-
MD5
cbf5e9777d52cf7d46e24e1164fd8f9a
-
SHA1
4ad243a34114597680bbe3d99974d0ab4e8772cf
-
SHA256
a266e21b9ec648c6fffc971e671342aa0e847c4bfccddb50a365f0dfc1bea474
-
SHA512
8bb8112dfb133ae22a038f472e7e046a85587794bf6361a705714001e5798330a7f8ab8a0e9c064f382f6ba505174fccede348c61bfc5af20a2d971b76f76d90
-
SSDEEP
98304:tGdVyVT9nOgmhp8ahWyGf9kIIhWU3tiy4lqg9:qWT9nO7QahWHf9mF
Static task
static1
Behavioral task
behavioral1
Sample
a266e21b9ec648c6fffc971e671342aa0e847c4bfccddb50a365f0dfc1bea474.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
a266e21b9ec648c6fffc971e671342aa0e847c4bfccddb50a365f0dfc1bea474
-
Detect Blackmoon payload
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-