General
Target: 62991e3a1e789cae6fadd15a29a1c756ac2042d394e79eca5525e2065f8e2995
Size: 2.6MB
Sample: 240625-wnac4avapa
MD5: 60144eb61bb4e1eadc8d9cb1d4ef3e0e
SHA1: 37109448ad5a965a4dba068036beb1176f867068
SHA256: 62991e3a1e789cae6fadd15a29a1c756ac2042d394e79eca5525e2065f8e2995
SHA512: 4771f984bc7cb480ee7114cb7e9bf7dadacff2413ea6c2abf3594cbef932183e109c12f5bc2757d9349089fd148c037c716d4c29e62de13b3fa8949afb680f27
SSDEEP: 24576:sCwsbKgbQ5NANIvGTYwMHXA+wT1kfTw4SIuvB74fgt7ibhRM5QhKehFdMtRj7nHt:sCwsbCANnKXferL7Vwe/Gg0P+Why7
Static task
static1
Behavioral task
behavioral1
Sample
62991e3a1e789cae6fadd15a29a1c756ac2042d394e79eca5525e2065f8e2995.exe
Resource
win7-20240419-en
Malware Config
Targets
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory