General
-
Target
bf75ae308c4398e452beaf045691929e94f56be9ad335e91f272dc9f065b72eb
-
Size
9.3MB
-
Sample
240625-xp2dmszckp
-
MD5
4243d1e4ba61d4636ba188b1f58182c3
-
SHA1
275f5cbaae43074078f5b8028300c1dcae65fef9
-
SHA256
bf75ae308c4398e452beaf045691929e94f56be9ad335e91f272dc9f065b72eb
-
SHA512
33807bd99f4eeec937282e1f371daa2c1971a19c46d728de0eb558919837e59bf88da5df35da3b622f156d5d836a45eb025cecb85728dcc9e835d2f72b47468c
-
SSDEEP
196608:1KXbeO7LsevSVvssvv/v/vgbYTYvb+GWLchcy3EjapBmDEnfs8vc4:+7LsES9ssvv/v/vCYTYvbkEf/P
Static task
static1
Behavioral task
behavioral1
Sample
bf75ae308c4398e452beaf045691929e94f56be9ad335e91f272dc9f065b72eb.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
bf75ae308c4398e452beaf045691929e94f56be9ad335e91f272dc9f065b72eb
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-