General
-
Target
e1e7e8073a7c4e422812ae5ec8bd985a2512de0757705d764f49e41a2151c1ae
-
Size
1.9MB
-
Sample
240625-wf55sstgjg
-
MD5
2cdb420dfe8252a5d5c253950be44442
-
SHA1
fee05af9a5079766065e560713d9a6d992eb79df
-
SHA256
e1e7e8073a7c4e422812ae5ec8bd985a2512de0757705d764f49e41a2151c1ae
-
SHA512
0b7a3d705608d605724940f8298ba586d0eed3b4c3cd0696fedd6e72059b9664552f61e2f741784fc31918b14bbe72ef1a640b978969e21629f5af53fa829a41
-
SSDEEP
24576:9QZoidOTdVZinacCET9Ecl1erdg0MCiVWhFU7cVo/ILUsWAsPOg7i6j+qM8+Eo01:9QZAdVyVT9n/Gg0P+WhoZ4FDopj+619
Static task
static1
Behavioral task
behavioral1
Sample
e1e7e8073a7c4e422812ae5ec8bd985a2512de0757705d764f49e41a2151c1ae.exe
Resource
win7-20240508-en
Malware Config
Targets
Target
e1e7e8073a7c4e422812ae5ec8bd985a2512de0757705d764f49e41a2151c1ae
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-