General
-
Target
c2e2f668cab6d58ca325f8117224c39e0f2a37c71cbb4c074ba52943c14e22ba
-
Size
2.1MB
-
Sample
240625-wkl8gsthne
-
MD5
926648c60293b7571246b6c4bcade44b
-
SHA1
8756cdf52b962197efccb1897a4f0d1d55eb90ff
-
SHA256
c2e2f668cab6d58ca325f8117224c39e0f2a37c71cbb4c074ba52943c14e22ba
-
SHA512
69c3e77bec4382bf253b80c92d05036a45f8bae6d86ef3c51618b3a98b5562cecf3802e7d87b0769fb7d10f13fb0aeab536c0a7a957df7d55d7032e707a6a52a
-
SSDEEP
24576:AQZoidOTdVZinacCET9Ecl1erdg0MCiVWhFU7cVYy1YbnepsCVxilP/f+GyduTTo:AQZAdVyVT9n/Gg0P+WhoDy0GxoydeNud
Static task
static1
Behavioral task
behavioral1
Sample
c2e2f668cab6d58ca325f8117224c39e0f2a37c71cbb4c074ba52943c14e22ba.exe
Resource
win7-20240508-en
Malware Config
Targets
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-