General
-
Target
1eb7915b0604ff52703ad8291c2064234aa53f3f3b3376599eb9bbe478039cbf
-
Size
5.9MB
-
Sample
240625-xjvnxayhpn
-
MD5
edebed2130182633f08010278d0d6eed
-
SHA1
d5738889b389909656443ee6515d18dbbfee80a3
-
SHA256
1eb7915b0604ff52703ad8291c2064234aa53f3f3b3376599eb9bbe478039cbf
-
SHA512
de610f973b435b976cd6a8808399ec5d08ec126c45bee42399093f132c056cdb888b008a2bccda32dc733b265d3ef3a94ed084dcb285ef7fc2c7c122790507f7
-
SSDEEP
98304:0GdVyVT9nOgmhs1ErRtM3NkJCggBXQaGkVf:LWT9nO72arRt6N6Cqpg
Static task
static1
Behavioral task
behavioral1
Sample
1eb7915b0604ff52703ad8291c2064234aa53f3f3b3376599eb9bbe478039cbf.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
1eb7915b0604ff52703ad8291c2064234aa53f3f3b3376599eb9bbe478039cbf
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-