General
-
Target
cb0c12647657f2482b28fcedcbc6d1bcd8d54be049ed3f6b9aa25e6c27161671
-
Size
5.6MB
-
Sample
240625-xrzmtszdkn
-
MD5
b30785b01be3a4f2aba213d4cd87dd51
-
SHA1
a5a21e1deed6ebf2b15f89386ae574b11ae28dee
-
SHA256
cb0c12647657f2482b28fcedcbc6d1bcd8d54be049ed3f6b9aa25e6c27161671
-
SHA512
edb020cb4b73d530f9423d3983014b11c1d2b3748171068c3b73953dc82f05400db345adf54414262317f2dbc7b679941d54e3d5d3167f8693ed4ba74009f548
-
SSDEEP
98304:zws2ANnKXOaeOgmh3nlEvQvcvGJ6D679w6N49q/SNEteB:VKXbeO7tnlEv2/J6D679+qa2teB
Static task
static1
Behavioral task
behavioral1
Sample
cb0c12647657f2482b28fcedcbc6d1bcd8d54be049ed3f6b9aa25e6c27161671.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
cb0c12647657f2482b28fcedcbc6d1bcd8d54be049ed3f6b9aa25e6c27161671
-
Size
5.6MB
-
MD5
b30785b01be3a4f2aba213d4cd87dd51
-
SHA1
a5a21e1deed6ebf2b15f89386ae574b11ae28dee
-
SHA256
cb0c12647657f2482b28fcedcbc6d1bcd8d54be049ed3f6b9aa25e6c27161671
-
SHA512
edb020cb4b73d530f9423d3983014b11c1d2b3748171068c3b73953dc82f05400db345adf54414262317f2dbc7b679941d54e3d5d3167f8693ed4ba74009f548
-
SSDEEP
98304:zws2ANnKXOaeOgmh3nlEvQvcvGJ6D679w6N49q/SNEteB:VKXbeO7tnlEv2/J6D679+qa2teB
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-