General
Target: 930a9e5d9d04149ef304e9679d9e31eabb8fac39db228962c797a2a72ed8ed06
Size: 7.0MB
Sample: 240625-xnavaszbln
MD5: 11970170ef59d30d4aa495adce09ae49
SHA1: 29324c0dd17e0b091496e588c899bfdd93e614b9
SHA256: 930a9e5d9d04149ef304e9679d9e31eabb8fac39db228962c797a2a72ed8ed06
SHA512: 7eaa22bdcd7c821f444d20c9cf71f7e693f13e6eeb25593cbe488c44d2ab4a589883716d6cadbec42d6c9cf091a44b19bb188c73aa16641b8cbd26098de75053
SSDEEP: 98304:Hws2ANnKXOaeOgmh6XMMqWS1XMsl4wXaz/Kc/CD8OVv37hdBjEVHE7OBP0MfnQUq:xKXbeO7o21XMPWarKc/CDRzOBMMfbq
Static task: static1
Behavioral task: behavioral1
Sample: 930a9e5d9d04149ef304e9679d9e31eabb8fac39db228962c797a2a72ed8ed06.exe
Resource: win7-20240508-en
Malware Config
Targets
Target: 930a9e5d9d04149ef304e9679d9e31eabb8fac39db228962c797a2a72ed8ed06
- Gh0st RAT payload
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory