General
Target: 27a65042e1d87702f9e979fcf17af460500719fe9b0ff711bd149f0565c238fa
Size: 2.7MB
Sample: 240625-s3hq8sycla
MD5: 3286b1c9f5dd396fefa0632511dece15
SHA1: ac4eed514916ff86b6a2a29535d987e94f023942
SHA256: 27a65042e1d87702f9e979fcf17af460500719fe9b0ff711bd149f0565c238fa
SHA512: ca40d1ef1f8d03b85a0b36ed9089293ceb7eac31d9f3b769cae50f475829cc9fea71c11644a74907ff539b70e510f2fa4efba4e53dc2397b58faecab553fee7c
SSDEEP: 49152:YCwsbCANnKXferL7Vwe/Gg0P+WhBan2a4R3Uw:zws2ANnKXOaeOgmhBan2a4P
Static task: static1
Behavioral task: behavioral1
Sample: 27a65042e1d87702f9e979fcf17af460500719fe9b0ff711bd149f0565c238fa.exe
Resource: win7-20240220-en
Malware Config
Targets
Target: 27a65042e1d87702f9e979fcf17af460500719fe9b0ff711bd149f0565c238fa
Gh0st RAT payload
Drops file in Drivers directory
Server Software Component: Terminal Services DLL
Sets service image path in registry
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory