General
Target: 14ea9d41c5cecd896abbd7871bd0ff28901b63be86ceb96e86893974a80ec2ab
Size: 2.8MB
Sample: 240625-xrhdjszcrm
MD5: e7e67a598a8064dfbbf5152f9aa31b48
SHA1: c2f7344f4de35b7b20d13eab9fc43cb23cab5919
SHA256: 14ea9d41c5cecd896abbd7871bd0ff28901b63be86ceb96e86893974a80ec2ab
SHA512: d7839398dfd3a41660a4b09dcc8953d9e1c00c687a7ad45b16feed2d65b0488d2d81ca490a8e491ce7f9698535f7e605e4e85bda3c67f5aba862fb4dc431db8c
SSDEEP: 49152:TCwsbCANnKXferL7Vwe/Gg0P+WhLopj+619:Gws2ANnKXOaeOgmhLoj
Static task: static1
Behavioral task: behavioral1
Sample: 14ea9d41c5cecd896abbd7871bd0ff28901b63be86ceb96e86893974a80ec2ab.exe
Resource: win7-20240611-en
Malware Config
Targets
-
-
Target
14ea9d41c5cecd896abbd7871bd0ff28901b63be86ceb96e86893974a80ec2ab
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-