General
Target: 38857d1259bf05fff80c633551557c26c8485d22c04e2d9be044eb892d82e491
Size: 3.5MB
Sample: 240626-gt2bfaygpb
MD5: 64de96e85c7238cc43c8188d6d21e1bd
SHA1: c33da50bef5ca5848d4b1e8e973c5a3916905bb2
SHA256: 38857d1259bf05fff80c633551557c26c8485d22c04e2d9be044eb892d82e491
SHA512: fe0b34ed7d24cadd8f2ece8d3f07545faff0f2d6587ffff01fc11aa62b36145398618696f7de4024a4ddbfbf31b56b6ca70993c16446784f31c5b1cc54bc78b6
SSDEEP: 49152:+CwsbCANnKXferL7Vwe/Gg0P+Wh2iv3Wb39azI+uTviVh:5ws2ANnKXOaeOgmhVub3lqVh
Static task: static1
Behavioral task: behavioral1
Sample: 38857d1259bf05fff80c633551557c26c8485d22c04e2d9be044eb892d82e491.exe
Resource: win7-20240508-en
Malware Config
Targets
- Gh0st RAT payload
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory