General
-
Target
94dad7dd49e667380466e810cf4ec223aa2b1cc2824b11c43cdca9e1e440fb76
-
Size
2.9MB
-
Sample
240625-xtrd8szejj
-
MD5
cdee79f805a516e959aa69be977eec3d
-
SHA1
4c05ecb312fcbb64deaf367324e65d83ac8a9ef9
-
SHA256
94dad7dd49e667380466e810cf4ec223aa2b1cc2824b11c43cdca9e1e440fb76
-
SHA512
6528d7820c35157cc51e0a1753afcd63ea8b3f5ec32fbec9863c5d9b1a3005b2c6cd8cc636242abb74af66b58107b3a9a7a2728f841edf9d0d26c7810cf54691
-
SSDEEP
49152:SCwsbCANnKXferL7Vwe/Gg0P+WhkcJDmn2+:1ws2ANnKXOaeOgmhkcJDmn2+
Static task
static1
Behavioral task
behavioral1
Sample
94dad7dd49e667380466e810cf4ec223aa2b1cc2824b11c43cdca9e1e440fb76.exe
Resource
win7-20240508-en
Malware Config
Targets
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-