General
-
Target
2e5fc627fe1dd54ce0a93a8ef53887b0bb5a12f3830ad5d807ce1bdc1b00995a
-
Size
1.9MB
-
Sample
240625-v71tqawdrj
-
MD5
de70e5d702e13cd26ca3c498f1a7458f
-
SHA1
4cd8f6ad4fbdf1d46d34c069fea60e123091fbf4
-
SHA256
2e5fc627fe1dd54ce0a93a8ef53887b0bb5a12f3830ad5d807ce1bdc1b00995a
-
SHA512
83f901eeb0bc437db5128e57412d5811af22d85b40846b7f79aae7323b72b473dfb6f1c421bf8cd45c9dd8307cc6f85b22a470f91398e9da035f7d41b60dad1b
-
SSDEEP
49152:uQZAdVyVT9n/Gg0P+WhoNNsQ4luvT5dyWRudqIqfovfKN:/GdVyVT9nOgmhQsQ4luL5dyWRudqIqfJ
Static task
static1
Behavioral task
behavioral1
Sample
2e5fc627fe1dd54ce0a93a8ef53887b0bb5a12f3830ad5d807ce1bdc1b00995a.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
2e5fc627fe1dd54ce0a93a8ef53887b0bb5a12f3830ad5d807ce1bdc1b00995a
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-