Overview

overview

7

Static

static

7

Ghosty V2.exe

windows7-x64

7

Ghosty V2.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Ghosty V2.exe

  • Size

    5.2MB

  • Sample

    240810-haeh1atclf

  • MD5

    739dce2fd5e78ea4dbe2b3e9d4f83deb

  • SHA1

    4368c7261518b2da645d0978ba318e602137a188

  • SHA256

    5e0cfd1ca903a2b05f3ecea1ff5a697a71beb16952e3a6162b89a9c7570521cb

  • SHA512

    b812943a948cf264b812728807b8a6e7df175931e0d3fee2d6c9ddb465ac0ef85679e10292e7f85d1759880c421a156b89ce9e4a5af49c197e818271b0189235

  • SSDEEP

    98304:NqNP47sUR/fiWXGaOntNcCrMLLOVutmyD0qLoZA6Vf:NiP47sEf72aOn3cCuB8ZDF

Score
7/10
themida

Malware Config

Targets

    • Target

      Ghosty V2.exe

    • Size

      5.2MB

    • MD5

      739dce2fd5e78ea4dbe2b3e9d4f83deb

    • SHA1

      4368c7261518b2da645d0978ba318e602137a188

    • SHA256

      5e0cfd1ca903a2b05f3ecea1ff5a697a71beb16952e3a6162b89a9c7570521cb

    • SHA512

      b812943a948cf264b812728807b8a6e7df175931e0d3fee2d6c9ddb465ac0ef85679e10292e7f85d1759880c421a156b89ce9e4a5af49c197e818271b0189235

    • SSDEEP

      98304:NqNP47sUR/fiWXGaOntNcCrMLLOVutmyD0qLoZA6Vf:NiP47sEf72aOn3cCuB8ZDF

    Score
    7/10
    themida

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks