689943208342ec183e3166f04aef2108b44833f10fe4a8de7133e86fd9037c82

Sharing

Copy URL

Twitter E-mail

General

Target

ghost-1.0.4.zip
Size

1.4MB
Sample

240905-k51e3axhqd
MD5

81dfdec42e84d9d384828eaacb4db334
SHA1

1392c16fe4e3201e61828889f940da16c852b1e4
SHA256

689943208342ec183e3166f04aef2108b44833f10fe4a8de7133e86fd9037c82
SHA512

914e55503c80f474e795c23fc50ac9abc50048901062193aaccacf8090e258e4a201edfdab99212229d154822d9cfe07697acb37295a4f5a17643fcce70bb5d6
SSDEEP

24576:UmYzTOJd+Lzke7oPKtPemhDE4Y2GngSXwPqJ8ZGojic2cUP4Y2X2HvxXs:Um++BGte4Y9tXwPqK1tU2X8xXs

Score

3^/10

discovery

Malware Config

Targets

- Target
  
  ghost-1.0.4.zip
- Size
  
  1.4MB
- MD5
  
  81dfdec42e84d9d384828eaacb4db334
- SHA1
  
  1392c16fe4e3201e61828889f940da16c852b1e4
- SHA256
  
  689943208342ec183e3166f04aef2108b44833f10fe4a8de7133e86fd9037c82
- SHA512
  
  914e55503c80f474e795c23fc50ac9abc50048901062193aaccacf8090e258e4a201edfdab99212229d154822d9cfe07697acb37295a4f5a17643fcce70bb5d6
- SSDEEP
  
  24576:UmYzTOJd+Lzke7oPKtPemhDE4Y2GngSXwPqJ8ZGojic2cUP4Y2X2HvxXs:Um++BGte4Y9tXwPqK1tU2X8xXs
Score

1^/10
behavioral1
- Target
  
  ghost-1.0.4/AUTHORS.md
- Size
  
  108B
- MD5
  
  4787748e89368bf7a47f0d2f47b3627e
- SHA1
  
  32f19cfae7b74613969dd2031c5d0382bc24cb95
- SHA256
  
  d5236238427862ca8d68f2b70a2c93109a5bba893303c16c4e5d642fcd1ea260
- SHA512
  
  5a01a914589d77ad926a8ec117252f19954f68bea95c04a0526dd508c46712015567ea0e2efb4247985f276c883550f7596e5970a82bf047174b9135dd0cae90
Score

3^/10
behavioral2
- Target
  
  ghost-1.0.4/CHANGELOG.md
- Size
  
  825B
- MD5
  
  4f01b9912fd6754799a88d53bbd5ad30
- SHA1
  
  cf9c5850c5febe5696d21fe2e11f56046b558722
- SHA256
  
  75efaa0409606b5fb87a3d76eeb102d6cf15dadeb34b6743203ae9e97e6915b9
- SHA512
  
  878865f4c062edc84db270e5ecf86783a3ffdfef8a0bd261e5b43beac7b180e8886cdcb6e8ac2cab0c04058326c0279f9d12833a8c325530a59f99968bdb5d32
Score

3^/10
behavioral3
- Target
  
  ghost-1.0.4/LICENSE
- Size
  
  34KB
- MD5
  
  84dcc94da3adb52b53ae4fa38fe49e5d
- SHA1
  
  12d81f50767d4e09aa7877da077ad9d1b915d75b
- SHA256
  
  589ed823e9a84c56feb95ac58e7cf384626b9cbf4fda2a907bc36e103de1bad2
- SHA512
  
  552aec8d120c9d931769f6a6b794716fce978d0055715de21746dc0f064f4a0f72b6be42d4828b98a56715b23fa427c1f66fd20aca0ef1751cc384c420db1605
- SSDEEP
  
  768:Mo1acy3LTB2VsrHG/OfvMmnBCtLmJ9I7dB:MhcycsrfrnouW
Score

1^/10
behavioral4
- Target
  
  ghost-1.0.4/README.md
- Size
  
  2KB
- MD5
  
  4d718c660aa4fad7477255d4f71c28c0
- SHA1
  
  f43344f66d6bd6869403830d0e28acff0ad20c95
- SHA256
  
  c0312abf96db4e3d1d43cb9901a359214200825afb3d7278532305827b3d781d
- SHA512
  
  8adc7b6f8b0a410ded73fbde03ee25ab4d05abe7e1a490e90964d444546c04a8708c52a3025b0752f39786b2f146bc029c26408f4ed84a82b0df64688f02b6b6
Score

3^/10
behavioral5
- Target
  
  ghost-1.0.4/_build/Debug/ghost.dll
- Size
  
  456KB
- MD5
  
  c0f9a61c8706b7e9ae467619ba195e85
- SHA1
  
  8b88219ec4f546250f62f298b23f959635c778ae
- SHA256
  
  68c327aa6eedc252114da8d5644b396b28b272013f1c67d82c574cd196bc75ea
- SHA512
  
  4990c5b199af1feb3929923ab527f8c1ef81d780b737322fa8d1a5a80068cb9b9a2cf903de47e13123eae6cff1fbb8ff7f19174c12c40fb4babaa046aa5db39b
- SSDEEP
  
  12288:0tS02t6QdU2luj6tXY4XFp/NTI+EUnHNH0IgqZ56zXAWoGdD1a1o1L5HIrOU8ndB:0InvdUMuj6tXY4XFp/NTI+EUnHNH0Igt
Score

3^/10

discovery
behavioral6
- Target
  
  ghost-1.0.4/_build/Debug/ghost.exp
- Size
  
  2KB
- MD5
  
  d97bf0e52b6166576f3592521f5bfc69
- SHA1
  
  3c6232665ad56480e294f403f9dd0d738d1a64c3
- SHA256
  
  0080ffd12acf067a60dcefe9feff8634acc3e282e3cbd258017a17929d7db63f
- SHA512
  
  1bfab3821cc9e495e34bf3ae71c08522b35a3ed17e2d2c07ac391f6cfe3fb43395bc3b3e98cd30d7c65913ac9a59b11d87bab5ced538656effc4643610b01bf7
Score

3^/10
behavioral7
- Target
  
  ghost-1.0.4/_build/Debug/ghost.lib
- Size
  
  4KB
- MD5
  
  12c858d3c40c2e660fb70cc78cb9ce5b
- SHA1
  
  cdc2c702111d3e52b4b5811d54f76b4b0f12e96b
- SHA256
  
  f5e1b4359e4d134265ae282fe29ed3fe76819e1b7a4703a6cab864e21f9bb0f5
- SHA512
  
  c29fa25d4673c3a4da5a16270e4e87ae66c41ff0bdb626825fb21f611b2fe850cce9e556e13887048c78bddde5ff6d6bdfef3cccbd7c0d4059b2f2493130b1ee
- SSDEEP
  
  96:iDSkbol0A8Sk+xyKNCK/0Kvb+1clI/jv+1K+Fi+J:ijol0AlNsr+z
Score

3^/10
behavioral8
- Target
  
  ghost-1.0.4/_build/Release/ghost.dll
- Size
  
  338KB
- MD5
  
  3b491b7d2e499a6e99eb4041c519a966
- SHA1
  
  842627191fe181fca8bc115507baab36f4b91654
- SHA256
  
  b0bc056257f5bee8532b5978c082d9fd173eb07128aea13af83938ca94ebe4dd
- SHA512
  
  5655ff27161b79dccda10ac55933fbd12788534c6cec1a20a7583c04be4096facf8c1e8e7467d9542690f8f956b442286f9673ca7b83afaa36294171a70855d3
- SSDEEP
  
  6144:Iej8gAwB+9AhuU6tXqYXForMOQNTI+EUdHWA0ITmz56zXxzoEdq1a1o1G1HIrOU:IC8gACxuU6tXqYXFsQNTI+EUdHWA0ITL
Score

3^/10

discovery
behavioral9
- Target
  
  ghost-1.0.4/_build/Release/ghost.exp
- Size
  
  1KB
- MD5
  
  7c9283156049b9c0a0f99c3ba8335a53
- SHA1
  
  f44da62afec92caf8042a1d39fec266633f83e6b
- SHA256
  
  48651cd7f5047abb90263bcfdeaf364de4df86f7d7d93a699803fcb3cf37bbea
- SHA512
  
  1bd83d81f00286babf4b76b6ddca1f173f15e48dea51a5c588100e3bf8496e9ae7735657fde6e10bd7ce123f484f7060d99dc1d5714bdec564b1065d4e3ce534
Score

3^/10
behavioral10
- Target
  
  ghost-1.0.4/_build/Release/ghost.lib
- Size
  
  3KB
- MD5
  
  a93c5dfbc22c529856f944a8e590f21a
- SHA1
  
  7a403f95914aa117da747bf24a5af233da922989
- SHA256
  
  ddbd4932ea99f406192d8aa04a9857cdf7243aabe9b6aa36988ac5bf4880e0fc
- SHA512
  
  59765be5f744aab6e0bdf6a365d805364e667d4b01248f661f181c15f985a0ffe138ac25ba404bc6a3fba63210ff006be3050551ed01d6b109081f444bef16a0
Score

3^/10
behavioral11
- Target
  
  ghost-1.0.4/_resources/ghost.html
- Size
  
  1KB
- MD5
  
  0b38f22528d2bf09a9e1cb4283226583
- SHA1
  
  57825af884c80cc8f0d4588f1b205b6f206e5948
- SHA256
  
  248faa64fa7f5bc5361f7b6e85b9d5cc28b339686a8b12514e954ceabcb2e920
- SHA512
  
  d10717fef65e2c6e3afdd419886ef3fe9934503c55c541b81f51b0b48570ea383d6e232b04ce802aa672efab008a3d07fbd05f46caa812f73ab05da5f6b62b6a
Score

3^/10

discovery
behavioral12
- Target
  
  ghost-1.0.4/_resources/icon.ico
- Size
  
  165KB
- MD5
  
  87b1d0ee689dd8ced2526eb537f9a8cb
- SHA1
  
  2a6dcc868bc798493fa6d8c7ef6e48eae1ad558c
- SHA256
  
  61bea7d03012856ba7a1603c306c8ae76f245f0743af4930d8ac48cbb6680044
- SHA512
  
  f956da4f534338ecd98b270fd7d1ba2fd1f5db2779653f8acc9f93b04bb9b118e92522a872fcf17f77048eef401b5302a72b7185582a36a1937c32a5cd067684
- SSDEEP
  
  1536:3BGl9Z19DPS+4p8yQXLqnHcuYoB7WqxZQP0DeDTHgRSV6+zpJ/iw+f5meG+4KJ+Z:KHHq+4pJQXWHcurAPR3gRSYUi4VVTm0
Score

3^/10
behavioral13
- Target
  
  ghost-1.0.4/_resources/wget.exe
- Size
  
  2.9MB
- MD5
  
  78c1d46f19ef98dc760e7c40f14ee242
- SHA1
  
  8dd503566d4c6b2d4bb9c41af2605b986596a15b
- SHA256
  
  aa246768b4ce197c1d0945e233975c23acd08b84170cc6581e17cdfd771c0cb3
- SHA512
  
  0e9df5420b2fecef210c83b5fdcb0d7f597e89073e848221788c203b357a182b9b72dcbc3e20a256f14ca37a51bce3cb1a9f935d62bb5adb08183d7dd3f56543
- SSDEEP
  
  49152:O84bklvgA17OhXwlxg4g/BPWOo4uVxYcVtoYpI7Z/LQTd1lmHy/piSo6xRNMnEwl:O9bklvgA17Iwlxg4g/BPWOo4uVxYcVt+
Score

3^/10

discovery
behavioral14
- Target
  
  ghost-1.0.4/_src/Encryption/encrypt.h
- Size
  
  1KB
- MD5
  
  6aeb7966f17a20ccc18e5cc9d37ad38a
- SHA1
  
  e86041e108fe3fa5dbb5bf936e78695aba5dc61d
- SHA256
  
  6c9057ca2eb3ef776cb73f35d60f90473a873e87ee2f52408264fe6a29d85261
- SHA512
  
  107bec95cc1e708bb907a3fbfffe0465da4ce604f14a4b3dd69283d39d061409fb7aceef8414184c8f6ff9968a2559cb8d5b3e15eeb05bd3a7c4d06d866cb833
Score

3^/10
behavioral15
- Target
  
  ghost-1.0.4/_src/ghostdll/AssemblyInfo.cpp
- Size
  
  1KB
- MD5
  
  f0797af6400a678784216e585e8836a4
- SHA1
  
  326df83d18a36c40a35bcd6f1b15cc79ab569d64
- SHA256
  
  11e709718986cb8f7c520138a77f203fea39104d49bb3b7ec7a47b9a0c06a10b
- SHA512
  
  20524e2176d83cf0f46c86dac801e3e17de4a027bf037108d3a3bdb3536dc64e8ad1986d65037abaea1e6c041d03938282225621c7eb94e46421f6bd3d3e31bd
Score

3^/10
behavioral16
- Target
  
  ghost-1.0.4/_src/ghostdll/ghostlib.cpp
- Size
  
  1KB
- MD5
  
  b9ad845b5843a00e2ad6b618b55d3cea
- SHA1
  
  6b63043e612b9962959594f9def8c7792a98b221
- SHA256
  
  08fc0521d1a88963eda3aa561d4337b9dab54dd09b5ed449f51e381eb566a876
- SHA512
  
  cb65790102109f16814693d6456cc7ee8c07c2c140a80c8aab516a0273e9c36fbfd247c81e63d9c8214b62c6c4925add19408cef57b54f1575b87bda87b32232
Score

3^/10
behavioral17
- Target
  
  ghost-1.0.4/_src/ghostdll/ghostlib.h
- Size
  
  1KB
- MD5
  
  adfb2b397025b934d292f913243c471b
- SHA1
  
  d86f4e9dedd36607ca76eefdd4b5b0a4797ca5fd
- SHA256
  
  38deb48c3164b2c0221c3f0168c881492a965e2e7808b39b4f1b65f42fdaa0e8
- SHA512
  
  eb5b2b5bf35ac262f5f8d4d67d2d755ded8d455f8505a5388652c16393b90c5135db4f9a70d851888870a80a0a886441c28b95f8c8061fd60f6b8f91588dbc5e
Score

3^/10
behavioral18
- Target
  
  ghost-1.0.4/_src/ghostdll/resource.h
- Size
  
  2KB
- MD5
  
  b4ae3e9c8de3ae688ab291189a8eade9
- SHA1
  
  013cea9c66f8b2a6ebc175e6e27753664e0476fa
- SHA256
  
  aae1fe82401e7560c766b7c10b519134ba7c470cb99a9e84b56d0eb23e9ab7a5
- SHA512
  
  76b92eed62c040edbe92dfe34cb3790363c8bf3e2982ed41018fef54591228fc45985fb95adb0198ecdae25d54712c668b7ea28ececb0e71963b6e3fa172a872
Score

3^/10
behavioral19
- Target
  
  ghost-1.0.4/_src/server/AssemblyInfo.cpp
- Size
  
  1KB
- MD5
  
  d20afa76baac2b551348be92592e9439
- SHA1
  
  501658a5d9129c87144c1e426ca7c3ee23c61ab8
- SHA256
  
  ecabc498d7d0caac762d21b8cdd593d088f29c3b71b79a9d150d7fc1d2e3f6f6
- SHA512
  
  a48f76b87a4277c0472bc91cb22da1abf967ee64fcc2642e1f56b3a88928f6dcd9f319d6d5830747f51bc7b3e4a77cbacac5c20d4d2f3e2446eb14ec70babe4a
Score

3^/10
behavioral20
- Target
  
  ghost-1.0.4/_src/server/INIReader.cpp
- Size
  
  2KB
- MD5
  
  d4c32c7a129cb8711c279eeb0c6b6afb
- SHA1
  
  a45ff5d8d58c2d203140288b1881cbf6e3d220ac
- SHA256
  
  6379f973e7a93ebfab7f7ce362ef92102b84684539ad3d9ee7f052e225eb0a1f
- SHA512
  
  6796cb91728f6cd8ff2458e85b6c8ba46110d4979c26f47861e5560cc2ac5047f05a8c350af481bb307852053b36f5da76a2ab68a5eaeee81c7d3df00a72c107
Score

3^/10
behavioral21
- Target
  
  ghost-1.0.4/_src/server/INIReader.h
- Size
  
  2KB
- MD5
  
  d48991c376dc3c51bb37a642e54f01b2
- SHA1
  
  fa05e2ec0730d28ef3a1dbda15019cd87931a2ed
- SHA256
  
  cba15f6b58d3b91c5625fdb376e0a96510bdbdef22bd5a03529b1ef5ef068a0a
- SHA512
  
  cbf7c8383b0dd63dab1125d58dc0ea0e008367cf0b049af8094a791e71aed8be929942721edd202212b80b9a06aac1d7e99b52bf119ff772935e1920c3d522b1
Score

3^/10
behavioral22
- Target
  
  ghost-1.0.4/_src/server/callbacks.h
- Size
  
  1KB
- MD5
  
  f575f385596f9319ef8526bc4ec8bb28
- SHA1
  
  95f8cf2b0cf067bbb96d8f28726e7ba19f6db9e0
- SHA256
  
  901bf71587948b21b29e524700d11bd72aad5cf32951b2697af0a8c33638aafd
- SHA512
  
  a207534793e58ac90dbad9b1883059c5d83c64b9c799fefdd239fc979dcdd3beb9a11942534102e2f9efc9c127695fe1a3237e5f1feb12e7a45121cca8750708
Score

3^/10
behavioral23
- Target
  
  ghost-1.0.4/_src/server/config.h
- Size
  
  1KB
- MD5
  
  df009e203d09228e0b87cb776d48fa8e
- SHA1
  
  7e79d60e2709dda9002f234e33dfeee35e906dbf
- SHA256
  
  b35bbb255b2e10926d753ae5f635da3de7592e57bfd5a8c6be5f903fa1ccbd97
- SHA512
  
  17a3e6468d3c9242663c93003720fca185adc1cc6ee5887f9aa2d9410cf9a89743a11c8f3d30ee82ad41ba66b222676f52365f74e68b8ff191473a6e332f4acf
Score

3^/10
behavioral24
- Target
  
  ghost-1.0.4/_src/server/console.h
- Size
  
  10KB
- MD5
  
  97bde5ca4678655ebae53d49acb5fd93
- SHA1
  
  4847917a920bedc24d44af4507a181feaee7af9c
- SHA256
  
  831e8e9a59253ec9da57e1acc64ac904a45f481cd4dc35b9f791ab37190a0f8e
- SHA512
  
  e2ca9a0ae706f0ce3b21004a3330ea06a2e5ae012f39cb8f630642a242947f14848b55b70b01fd30fbace308709e22ea92c136471242c2ffdf038b909e515270
- SSDEEP
  
  192:SfJQ9dh0eydCADBlLU3GLTeVfsisxnSOrBNqbNG:oJQ9jyFlWETeVfsisxnSOrBAbNG
Score

3^/10
behavioral25
- Target
  
  ghost-1.0.4/_src/server/gui.h
- Size
  
  3KB
- MD5
  
  fb270e1545dd70383bfe75c918b081ce
- SHA1
  
  5a511203e6493b97e09f5ef7e27cc834a24effee
- SHA256
  
  45ca3c306e57fd8185c8ba8c42fa29ecf0f73bcbacf74c6c81e6f4f08701d1bf
- SHA512
  
  8d5a8249099c9d30334511de566fd1baedfe6a96169756011928b87a6fb539b882c507925a94551e08cc5b26d37d3b0528d0cb74cc38f6c941a07208d0c90867
Score

3^/10
behavioral26
- Target
  
  ghost-1.0.4/_src/server/info.h
- Size
  
  1KB
- MD5
  
  055873d94671a1717a238ec04d5460ba
- SHA1
  
  ad9636004bce9144053a46bc5d729cedbe110502
- SHA256
  
  32807a843b258f54186a2dd3920cc08e75b4f529b4a3d3b84e83e1ad249ac26c
- SHA512
  
  3814db8e1e261501745a8d7ef8817403ebad80e2d93caa7100867d7347993e4082dc403b7dbf37b74d12e54668d0e49af0c56617ae609bfbeac1133377c0b981
Score

3^/10
behavioral27
- Target
  
  ghost-1.0.4/_src/server/ini.cpp
- Size
  
  6KB
- MD5
  
  7027833361de0285a89e7d62ad7bba53
- SHA1
  
  df96627eba35db9da1bb8bc51eb0cba99cb8d04b
- SHA256
  
  e887cdd85fdc182b90c2431b3d0ef5a633a2584da453ade9a40e522d12e38453
- SHA512
  
  d45bc6c756e022018502a3436e84dce7dcae02debe8ecf5c2bca0e99274926cb5b2205af0bdcc76e6c632b9c346edb4f422014414caf73e833ef180ecead3463
- SSDEEP
  
  192:CvHVu24bHdFJBhRBZM12yWjxziYTRrm/b:CvHVu7hJm
Score

3^/10
behavioral28
- Target
  
  ghost-1.0.4/_src/server/ini.h
- Size
  
  3KB
- MD5
  
  4a5260f8fb1cf99604c97f21a64f0406
- SHA1
  
  9ee85abd17d8f0f47294a0ff75f62148e7d4bf5d
- SHA256
  
  ea19f69c33cdc0ab4ac6cf8e9d36753dac0bb3ac1084933bd15b0e517b248050
- SHA512
  
  303efabc777198007285995a5799ac92ac03ebff0eba92e81046e8f24c4a259d5536de1626c89e23d6572b6365f6b7ffcadda80bc9d6e019c0d8e6d7325f49a7
Score

3^/10
behavioral29
- Target
  
  ghost-1.0.4/_src/server/resource.h
- Size
  
  984B
- MD5
  
  5cb89967f0c6243c70cf9e8fd11435d0
- SHA1
  
  fab5651280349fd54c9b7313044151df54cd9523
- SHA256
  
  9f4d90da5ad02b86fae9cdef6ebfc4778c1f12ea53055376b70d27f549fbbb6a
- SHA512
  
  46c5cd221b4f10d13f0ee44d3b20995d47f21a2356fd3025ec6c1d5942db36adac208047863e31b5de1afb0299e25ddf06ccfc2b9baa2bf5969540e3a80b7405
Score

3^/10
behavioral30
- Target
  
  ghost-1.0.4/_src/server/server.cpp
- Size
  
  2KB
- MD5
  
  b91218302659775a355d6c88328bb645
- SHA1
  
  02890a237c22679a9937cbb757cfc165117d81cc
- SHA256
  
  3ea4f41f1bd5659500460dc4aec10d97d8afe9a56e8c742cc7a9795a0fee63a5
- SHA512
  
  8e0bacd49ad1039831718f4bfe8e7d863f329ffc6d6fe58fd1200a3d4e0e77b87b77a570955928377401b26b700f1037587cda44124d4f535322a7c169dec8b9
Score

3^/10
behavioral31
- Target
  
  ghost-1.0.4/_src/zombie/info.cpp
- Size
  
  4KB
- MD5
  
  9d891b3a3d3a4267753dd9bcfad446d2
- SHA1
  
  fca793cc9286dab80294fd471f08e4f830475fd8
- SHA256
  
  8df59d3e6e61df90378e8b1ec44243fba92b6cd7513de24ad7a310c541af750b
- SHA512
  
  9a937ea0037b3122b526a869c292398a1f97b44b4106cfad4247dbe27b8004b41035a8aeefd1c925a863177e7d496495275401a8bca9a31632931d90d3ee1fe6
- SSDEEP
  
  48:ETflyiHHOjhNFSo0u+cbawQdw3InKhgdPBjm9ADMPZt6S8KWEYgGQGj0mD4uC/fo:SfJ7ufKxa0RmOAmS8KWd4nfBS
Score

3^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32