General
-
Target
f5d942db8d1be23ba1bf92836c8c2629bb2bf760d76965a5ba38c6fcc12f67e1
-
Size
3.5MB
-
Sample
240626-gt6adsygph
-
MD5
60a76a824b713beb7e834b6ad29dc4d0
-
SHA1
a820be884407a5c07b32b68de1ff208f8a872d8b
-
SHA256
f5d942db8d1be23ba1bf92836c8c2629bb2bf760d76965a5ba38c6fcc12f67e1
-
SHA512
44767e72adfd46c7c3053d77e05ef0e0948c5c7f6d2684d3e1d76084572e1b9b114f349b5ac029a19b619a7990b18b222c07b3c8f95948e6c1b1942815e67088
-
SSDEEP
49152:LCwsbCANnKXferL7Vwe/Gg0P+Wh9tkIorv0sI+AiIZ:Ows2ANnKXOaeOgmhd8v038IZ
Static task
static1
Behavioral task
behavioral1
Sample
f5d942db8d1be23ba1bf92836c8c2629bb2bf760d76965a5ba38c6fcc12f67e1.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
f5d942db8d1be23ba1bf92836c8c2629bb2bf760d76965a5ba38c6fcc12f67e1
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-