General
-
Target
0d96a098c28aa7963c12afd28793d914a68c252f8354bf908950a45d9d3f0768
-
Size
2.8MB
-
Sample
240625-xcp5vayfjj
-
MD5
adccb73543d5254ac1a4d031922e5751
-
SHA1
321a3be4cfffbd32d508c610858ad31718e3c038
-
SHA256
0d96a098c28aa7963c12afd28793d914a68c252f8354bf908950a45d9d3f0768
-
SHA512
21d44e3762948b56615ec299218a234a48251451c47c99d513fd964f19031783c5b4d065365f41c9fd139a44ff2e1c3bea415d92f42b2ec7738e6ccce41f71b7
-
SSDEEP
49152:XCwsbCANnKXferL7Vwe/Gg0P+WhzlRVZK89d4h+RiSa:Sws2ANnKXOaeOgmhzlRVZK8j4Au
Static task
static1
Behavioral task
behavioral1
Sample
0d96a098c28aa7963c12afd28793d914a68c252f8354bf908950a45d9d3f0768.exe
Resource
win7-20240508-en
Malware Config
Targets
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-