General
-
Target
3c7db04ff655f435de246acedf8a6ee07c257d603e781c7ae937f217761dc12a
-
Size
2.5MB
-
Sample
240625-wdnsqstflc
-
MD5
2cb9bfba6bde521ced984cad2dd53ce2
-
SHA1
b960fd2cd4b76743ee5ee06a43e670ba4417e7cb
-
SHA256
3c7db04ff655f435de246acedf8a6ee07c257d603e781c7ae937f217761dc12a
-
SHA512
553dfe60343367c4e87d799186051f69aecffebf9528442dea3e19d3342d0649df4b59f6829253005bf846448a0fb32fe1b1a187b2da310edb9d3a381d649c73
-
SSDEEP
24576:YCwsbKgbQ5NANIvGTYwMHXA+wT1kfTw4SIuvB74fgt7ibhRM5QhKehFdMtRj7nHw:YCwsbCANnKXferL7Vwe/Gg0P+WhHuU
Static task
static1
Behavioral task
behavioral1
Sample
3c7db04ff655f435de246acedf8a6ee07c257d603e781c7ae937f217761dc12a.exe
Resource
win7-20240221-en
Malware Config
Targets
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-