General
-
Target
a0683e9340a485ee7ba3d4b3881b4f2ee5024abe76b4ce7fe91d4cd14727f09f
-
Size
2.0MB
-
Sample
240626-glz4eaydlc
-
MD5
1c08c00c1f24dbf9e4e73c8dd7a3e2f2
-
SHA1
91ad63f06c17f41ffa1920cf75df1093a5533461
-
SHA256
a0683e9340a485ee7ba3d4b3881b4f2ee5024abe76b4ce7fe91d4cd14727f09f
-
SHA512
0785ef289fb6b09f54c48c0a2cc561b2fb967018c23792facab0af1161af9c5e6d372d7473a02187586a0d5ed5e88cb7ff00fc2a0b04f15219d7cdd4e7b9198f
-
SSDEEP
49152:+QZAdVyVT9n/Gg0P+Who3peirqfovfK0ZPItx2apeapelI:vGdVyVT9nOgmhXirqf71tUvlI
Static task
static1
Behavioral task
behavioral1
Sample
a0683e9340a485ee7ba3d4b3881b4f2ee5024abe76b4ce7fe91d4cd14727f09f.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
a0683e9340a485ee7ba3d4b3881b4f2ee5024abe76b4ce7fe91d4cd14727f09f
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-