General
- Target: 501ea561c1521b5d6233d5ab69d94c5e61a2c220b38ae97060e9d2d19141781a
- Size: 1.4MB
- Sample: 240626-gkvgja1fjn
- MD5: 921ada8439fa4ec3aed1a5cd051eec61
- SHA1: 7fb721cc787b8b9f4aabf1b3bc98783221956e4d
- SHA256: 501ea561c1521b5d6233d5ab69d94c5e61a2c220b38ae97060e9d2d19141781a
- SHA512: ed03897ae54057d061587d764c0d685889cb82f2a30447280a654dc6faf266118c727f386e20d35ac002f405cc5ad9a8560fedd23e159b2b772ff606523a921e
- SSDEEP: 24576:iQZoidOTdVZinacCET9Ecl1erdg0MCiVWhFU7cVDd5dyWRudqIqfaVN5mmT7Kr:iQZAdVyVT9n/Gg0P+WhoY5dyWRudqIqP
Static task: static1
Behavioral task: behavioral1
- Sample: 501ea561c1521b5d6233d5ab69d94c5e61a2c220b38ae97060e9d2d19141781a.exe
- Resource: win7-20240419-en
Malware Config
Targets
- Target: 501ea561c1521b5d6233d5ab69d94c5e61a2c220b38ae97060e9d2d19141781a
- Gh0st RAT payload
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory