General
-
Target
66a8e5b0516e802ba99fad0f1b2a49261ec86a634b95a5ade2ce7994a42ef087
-
Size
1.3MB
-
Sample
240626-gqjxzs1hkp
-
MD5
e3a43892d0886af0920b1a1215135fd4
-
SHA1
1e6317201101690c0ceac6c6b21cab3ce48f2f6a
-
SHA256
66a8e5b0516e802ba99fad0f1b2a49261ec86a634b95a5ade2ce7994a42ef087
-
SHA512
1032a4edcd1db27e6c8774146b522dd5640939649d3a4b5cb5e2fcbd18443c2a16426f0a29611383a9d4cf71bfa67bcc7bab6f604091519895a2b2e89360f7d3
-
SSDEEP
24576:Edq1km1qCuhiVbW+vknxCER3R3cI+9xpE/rsabGBthx8bUzbULO4heV3gezVqoDj:ET/CuhCzUhRG+D1CVObrqbVZqK6DU1io
Static task
static1
Behavioral task
behavioral1
Sample
66a8e5b0516e802ba99fad0f1b2a49261ec86a634b95a5ade2ce7994a42ef087.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
66a8e5b0516e802ba99fad0f1b2a49261ec86a634b95a5ade2ce7994a42ef087.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
66a8e5b0516e802ba99fad0f1b2a49261ec86a634b95a5ade2ce7994a42ef087
-
Size
1.3MB
-
MD5
e3a43892d0886af0920b1a1215135fd4
-
SHA1
1e6317201101690c0ceac6c6b21cab3ce48f2f6a
-
SHA256
66a8e5b0516e802ba99fad0f1b2a49261ec86a634b95a5ade2ce7994a42ef087
-
SHA512
1032a4edcd1db27e6c8774146b522dd5640939649d3a4b5cb5e2fcbd18443c2a16426f0a29611383a9d4cf71bfa67bcc7bab6f604091519895a2b2e89360f7d3
-
SSDEEP
24576:Edq1km1qCuhiVbW+vknxCER3R3cI+9xpE/rsabGBthx8bUzbULO4heV3gezVqoDj:ET/CuhCzUhRG+D1CVObrqbVZqK6DU1io
-
Gh0st RAT payload
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-