General
-
Target
4a94af56cafff9cb6c045db29bae5821dac2d101b779b37dd2c5a5e2f0dbbe81
-
Size
8.8MB
-
Sample
240526-jthv7scf85
-
MD5
0cce02016cada3b29c6bc175b20b55b5
-
SHA1
eb51eb4e1c581b5a69d56a31f48115c4745764bd
-
SHA256
4a94af56cafff9cb6c045db29bae5821dac2d101b779b37dd2c5a5e2f0dbbe81
-
SHA512
a96bfc339d7abb7ade6672f5c19ab27cbb61aa58ebaf51721062c92afbb1e0486e3029aff9b0d549dac3fb708853f76da91f02b3b499d30a2dc8ac90c524fe56
-
SSDEEP
196608:8iINy2LkSPVIsfjruFlDoWRpEfsoCZTZ9WcP3AyOl/sJ:qPqsGF1b77oClZ9WXT
Static task
static1
Behavioral task
behavioral1
Sample
4a94af56cafff9cb6c045db29bae5821dac2d101b779b37dd2c5a5e2f0dbbe81.exe
Resource
win7-20240508-en
Malware Config
Targets
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-