General
- Target: 08f0087969d393fdd22c741a43f0318ecc99ad538fe150b548895d9af0105317
- Size: 2.3MB
- Sample: 240625-xgymsawfrg
- MD5: 6b28669a2ff30c8cc8c466ac1e5fbdaa
- SHA1: a64a89702aeaafc6570242f8c7bfa253c358fee2
- SHA256: 08f0087969d393fdd22c741a43f0318ecc99ad538fe150b548895d9af0105317
- SHA512: 1a75804ca9660b8edb09ec2f58d3e7ae0ca32326dd57cec37eae9715e6a243d8a3d43f8128cb6d7d862f923d76db1e65537b3f11d3fe35a670547af7f0897d40
- SSDEEP: 24576:iCwsbKgbQ5NANIvGTYwMHXA+wT1kfTw4SIuvB74fgt7ibhRM5QhKehFdMtRj7nHn:iCwsbCANnKXferL7Vwe/Gg0P+Wh2lEmL
Static task: static1
Behavioral task: behavioral1
- Sample: 08f0087969d393fdd22c741a43f0318ecc99ad538fe150b548895d9af0105317.exe
- Resource: win7-20240419-en
Malware Config
Targets
- Gh0st RAT payload
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory