General
Target: 764664573b7890161a8030350ceaa1f573e9f84e3dcaea76bfaf5791fdf208dc
Size: 3.1MB
Sample: 240626-gs2wkssank
MD5: 7fdd0d53ff5cc7fa793ec5b0b79f3d45
SHA1: 35ec97fe59ba3e4a58ba23e008f4d697616b9a29
SHA256: 764664573b7890161a8030350ceaa1f573e9f84e3dcaea76bfaf5791fdf208dc
SHA512: feb0572f44f1e541ad2c9455dce9b387f834509de5cdd3a7cb1806c086abd8e9cae67d4114779e4bbc1cd7a98a7136bcb3fd3f72a933fb20d67a39203639e373
SSDEEP: 49152:BQZAdVyVT9n/Gg0P+WhoesJyn27hAuFL+yleVZ7HuGams7EenTt/F2GGAcPDL:iGdVyVT9nOgmh1sJyn2MZcms/FqPDL
Static task
static1
Behavioral task
behavioral1
Sample
764664573b7890161a8030350ceaa1f573e9f84e3dcaea76bfaf5791fdf208dc.exe
Resource
win7-20240508-en
Malware Config
Targets
- Gh0st RAT payload
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory