General
Target: 6192453c9d8aabc7c26fc7142fe98ae7cb006b41909b3424d6cd2ff1be6e9ba0
Size: 3.4MB
Sample: 240625-wcxn9awglm
MD5: 354fabc893473ab639f6c73659548c99
SHA1: a326c06a7842b2a7ad5186b9b3220c8c3322f9fc
SHA256: 6192453c9d8aabc7c26fc7142fe98ae7cb006b41909b3424d6cd2ff1be6e9ba0
SHA512: c02b59ad6f2248b0eefb5df596e9ae544b0f413c0345e063fc7ba3270b27f0d3202c87c60f6de08002a1c8f527e5a1516d0985ed7c8bdad05328ddf43a0ed0fc
SSDEEP: 49152:UCwsbCANnKXferL7Vwe/Gg0P+Wh2ua7J3jrI+7TvuBoM:3ws2ANnKXOaeOgmhhc3jEPBoM
Static task: static1
Behavioral task: behavioral1
Sample: 6192453c9d8aabc7c26fc7142fe98ae7cb006b41909b3424d6cd2ff1be6e9ba0.exe
Resource: win7-20240220-en
Malware Config
Targets
Gh0st RAT payload
Drops file in Drivers directory
Server Software Component: Terminal Services DLL
Sets service image path in registry
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory