General
-
Target
a0e1faa2a69bde41e847f465dda5930bde42f9f8e4e3b2c4edccd62b8c374645
-
Size
8.3MB
-
Sample
240625-wexf9swhkq
-
MD5
430e0880657edb7bcabd32b4b3945c2c
-
SHA1
bd0147bb75f5778b4333f68fe5a613f4fa0b60c0
-
SHA256
a0e1faa2a69bde41e847f465dda5930bde42f9f8e4e3b2c4edccd62b8c374645
-
SHA512
fba9cf5b16fc3cd4d10bfb84a82fcba1d610394e79fb0690b65f639e7d42d9fe653be3aa5ad15a50cee70abc60637837818b7a02a0e4c2b8f854b67369c27c3b
-
SSDEEP
196608:0KXbeO7bQ7QmmF+QylBTZbvFVX89XVZUT7upkB:F7bQ7tKyn3V8BVZw7upkB
Static task
static1
Behavioral task
behavioral1
Sample
a0e1faa2a69bde41e847f465dda5930bde42f9f8e4e3b2c4edccd62b8c374645.exe
Resource
win7-20240419-en
Malware Config
Targets
-
-
Target
a0e1faa2a69bde41e847f465dda5930bde42f9f8e4e3b2c4edccd62b8c374645
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-