General
Target: 2da6e0667e55e230ab74c5eaf521dc0c54fe299f6d4034aa49a346bf42307ef8
Size: 2.7MB
Sample: 240619-f6vhzsyhqr
MD5: 25dc8b25c54e8acc2d64be8932a52f7d
SHA1: 7806c8c3468a96f1e252275fd8c0ea1e5f88242f
SHA256: 2da6e0667e55e230ab74c5eaf521dc0c54fe299f6d4034aa49a346bf42307ef8
SHA512: d103dcad2be61c90feff554b6ee7e475d496b68e9f66a3562463a288dab5dd80a60e2080d44448430aa5e591f2b019711236f13c51b69c31c18b91ad1c71979d
SSDEEP: 49152:QCwsbCANnKXferL7Vwe/Gg0P+WhlnzpEWoxvD:7ws2ANnKXOaeOgmhVKZxL
Static task: static1
Behavioral task: behavioral1
Sample: 2da6e0667e55e230ab74c5eaf521dc0c54fe299f6d4034aa49a346bf42307ef8.exe
Resource: win7-20240220-en
Malware Config
Targets
Target: 2da6e0667e55e230ab74c5eaf521dc0c54fe299f6d4034aa49a346bf42307ef8
- Gh0st RAT payload
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory