General
Target: 1facf04f63625a13452f7a170984772d3ea9bd0adb9974262a81527dc6da99b4
Size: 1.4MB
Sample: 240624-r3qleaxdlb
MD5: f694ab08ee37176d2cb7dc0133d5046c
SHA1: 9617ec3f9d607217cc5a6bdf190486c74a2956c7
SHA256: 1facf04f63625a13452f7a170984772d3ea9bd0adb9974262a81527dc6da99b4
SHA512: bbdd2c1895541ecced92157105943fe737980cc791921562d27415792bf5cf95075c53c5a3a5fe63dc3d28a02e2e0d567e3b28702deab0c665951f8e5667ce42
SSDEEP: 24576:F39WaOyHutimZ9VSly2hVvHW6qMnSbTBBhBMN:598HPkVOBTK

Static task: static1

Behavioral task: behavioral1
Sample: 1facf04f63625a13452f7a170984772d3ea9bd0adb9974262a81527dc6da99b4.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: 1facf04f63625a13452f7a170984772d3ea9bd0adb9974262a81527dc6da99b4
- Gh0st RAT payload
- Drops file in Drivers directory
- Sets service image path in registry
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory