General
Target: de105de4385edbdeec144fbbef91ab6ae152cf95cc859abb47312ffbc4cbabe8
Size: 7.0MB
Sample: 240626-gtahqasapj
MD5: 65edb5f6fea3ddf5046c6eec648b9547
SHA1: c6305d88962ba1ca34489344f1d6def8f6e59445
SHA256: de105de4385edbdeec144fbbef91ab6ae152cf95cc859abb47312ffbc4cbabe8
SHA512: a77ac22513fe4d28c9a93febadf51c34ffedba4e1d5c3847c73359713ab0acd1ef6a2db7e6523b85f20edf9afed9299ca30101d52ed1eb4b9dd148d61719a1f7
SSDEEP: 98304:2ws2ANnKXOaeOgmh2CWrDtWX2vaOp/BwQRo1u4PC7XZQXB:EKXbeO79eDtVyOp/+QO04PkKB
Static task: static1
Behavioral task: behavioral1
Sample: de105de4385edbdeec144fbbef91ab6ae152cf95cc859abb47312ffbc4cbabe8.exe
Resource: win7-20240220-en
Malware Config
Targets
Gh0st RAT payload
Drops file in Drivers directory
Server Software Component: Terminal Services DLL
Sets service image path in registry
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory