General
-
Target
afb8cb9a130ec071d62cc21b34e4e82f8e88cf5e6c666f9330553993faef1088
-
Size
2.4MB
-
Sample
240625-xc7pwsyflr
-
MD5
9e293d84bef44881bbdd8641eb6140d0
-
SHA1
930f1ba63442dae8d81376d726ee49527af31a99
-
SHA256
afb8cb9a130ec071d62cc21b34e4e82f8e88cf5e6c666f9330553993faef1088
-
SHA512
ba9eb367820f344c1c0da66df7153429d045abc93ee0789a46a293a7b70175fca847c78f87327566d573f69f6d2c03097b9ee7f307ec3c299295564b5d9c40c9
-
SSDEEP
49152:BCwsbCANnKXferL7Vwe/Gg0P+WhnatTS2:sws2ANnKXOaeOgmhatTS2
Static task
static1
Behavioral task
behavioral1
Sample
afb8cb9a130ec071d62cc21b34e4e82f8e88cf5e6c666f9330553993faef1088.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
afb8cb9a130ec071d62cc21b34e4e82f8e88cf5e6c666f9330553993faef1088
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-