General
Target: 5146b3073cb7fafb3bee76905cfba7f601b286e9488ba028d86cc0a906c54e27
Size: 2.6MB
Sample: 240619-d15qnaxdrj
MD5: 07601e5947a2582851ec9fd07e31c3d1
SHA1: 41f0e8798b53f77e8d271fe9dfa039b58288b588
SHA256: 5146b3073cb7fafb3bee76905cfba7f601b286e9488ba028d86cc0a906c54e27
SHA512: aee4a9b7ae2de448b9089f2d03c8119636f39932c106f2eb27829e324a4c09691eb11eadfc3ef20a705a562f1a704e7a1fe59185fbe655a741719d1a2cb3f8d6
SSDEEP: 24576:eCwsbKgbQ5NANIvGTYwMHXA+wT1kfTw4SIuvB74fgt7ibhRM5QhKehFdMtRj7nHz:eCwsbCANnKXferL7Vwe/Gg0P+Wh2gY
Static task: static1
Behavioral task: behavioral1
Sample: 5146b3073cb7fafb3bee76905cfba7f601b286e9488ba028d86cc0a906c54e27.exe
Resource: win7-20240508-en
Malware Config
Targets
Target: 5146b3073cb7fafb3bee76905cfba7f601b286e9488ba028d86cc0a906c54e27
- Gh0st RAT payload
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory