General
-
Target
bf2cdfae8a3f3feb7a03422e40cb433b752b1de4a2f320089f9733b9708b4005
-
Size
4.8MB
-
Sample
240626-gly64sydkh
-
MD5
60cc61281bfccd6e6b8db675298b641e
-
SHA1
9446d0a7df155e919e4aa790b4f8a7b2e1dd8be0
-
SHA256
bf2cdfae8a3f3feb7a03422e40cb433b752b1de4a2f320089f9733b9708b4005
-
SHA512
b72a56081cf5a5360c479b1a5df859cff2feadae5deffea61b9d81e6ef1630c80ffb09c3e94a7d9d9d72394d7f087fd2a2cc6fa8c0dae56c489191c510ca2c76
-
SSDEEP
49152:6QZAdVyVT9n/Gg0P+WhoNrqfovfK2bXsPNIULkmp1/j6AeXZG7wmpvGF1IP9z5W9:jGdVyVT9nOgmh8rqf72bXsPN5kiQaZ56
Static task
static1
Behavioral task
behavioral1
Sample
bf2cdfae8a3f3feb7a03422e40cb433b752b1de4a2f320089f9733b9708b4005.exe
Resource
win7-20240611-en
Malware Config
Targets
-
Target
bf2cdfae8a3f3feb7a03422e40cb433b752b1de4a2f320089f9733b9708b4005
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-