General
Target: SignalSetup.msi
Size: 150.8MB
Sample: 240712-nc2dfa1cqj
MD5: 75b8008f805e2464792de8e9ad824207
SHA1: 3426ce901e21b195e4609153c509b595b71edeb2
SHA256: 852b7be78f53bb6052f4b1cb2908c62caaa09524b442356430c0166f4bbe47d5
SHA512: 96a5374bef016c3ddcc6cf4223d358fcd2fe777254dc381b623f6253e450d7fef2426db57141f208bfd01909ba152251da89137cccd54c4136ea24b4ae8b8c7f
SSDEEP: 3145728:NMrQiDKQ5KqsKcnBzeAjmtYeV0QCSEiEze7ZXzLkYMPlSNRRDu:IjKQ5sK6BzTiYe2QvE9yDoE/RD
Static task: static1
Behavioral task: behavioral1 (Sample: SignalSetup.msi, Resource: win7-20240704-en)
Behavioral task: behavioral2 (Sample: SignalSetup.msi, Resource: win10v2004-20240709-en)
Malware Config
Targets
Target: SignalSetup.msi
- Gh0st RAT payload
- Adds Run key to start application
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Event Triggered Execution (1)
    Installer Packages (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Event Triggered Execution (1)
    Installer Packages (1)