General
-
Target
f12f3c72a962ec7ff9339d417d6b7c3b75786396964ee29e9b07ff8affe1f798
-
Size
5.1MB
-
Sample
240625-v7dzystcna
-
MD5
522500daa767d10e5d2e0aa43d1c2dc1
-
SHA1
42aec654eab4e7cb5013caf24cd0e02e3e2fbc61
-
SHA256
f12f3c72a962ec7ff9339d417d6b7c3b75786396964ee29e9b07ff8affe1f798
-
SHA512
6fefec37e414d2614372fd93eb2557708f3627bcd4e3750ed6fbf3c0b4bd55c7acb4021612f630cf412d2b8f546fff2be6f775a9cbfc1c0b8e8f6258d6c02b39
-
SSDEEP
49152:AQZAdVyVT9n/Gg0P+WhokWFuUn9cmCW1dhM8A1BWYqseqxo0Qwn+hRIzw8mznSdt:JGdVyVT9nOgmhrPmXA3WY2PsFB1qA
Static task
static1
Behavioral task
behavioral1
Sample
f12f3c72a962ec7ff9339d417d6b7c3b75786396964ee29e9b07ff8affe1f798.exe
Resource
win7-20240508-en
Malware Config
Targets
- Gh0st RAT payload
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory