General
-
Target
c189f2fae32570e2856d2398fa88acad6894751c3611f37807f550b4fc61b1ef
-
Size
154KB
-
Sample
240604-mjjljadc7s
-
MD5
6b68ab996cd11f693dcb3f416dea3d48
-
SHA1
b3edd058a611c5021367ad257b12d86b041055cd
-
SHA256
c189f2fae32570e2856d2398fa88acad6894751c3611f37807f550b4fc61b1ef
-
SHA512
4429847c6d8c73179846fac32ee7168e204b51af5c01b9865c0cdeef6ead2dc0602b49f0885b09c3998f914af135475d6c50a81e3a247790e3579053aadea0ee
-
SSDEEP
3072:dhPm77B1ZDwB76mVlZ9FArVf0SA3MG5vY:vWd1ZDg7HXArVf65vY
Behavioral task
behavioral1
Sample
c189f2fae32570e2856d2398fa88acad6894751c3611f37807f550b4fc61b1ef.dll
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
c189f2fae32570e2856d2398fa88acad6894751c3611f37807f550b4fc61b1ef
-
Gh0st RAT payload
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-