Overview

overview

3

Static

static

3

ghost-1.0.4.zip

windows11-21h2-x64

1

ghost-1.0....ORS.md

windows11-21h2-x64

3

ghost-1.0....LOG.md

windows11-21h2-x64

3

ghost-1.0.4/LICENSE

windows11-21h2-x64

1

ghost-1.0.4/README.md

windows11-21h2-x64

3

ghost-1.0....st.dll

windows11-21h2-x64

3

ghost-1.0....st.exp

windows11-21h2-x64

3

ghost-1.0....st.lib

windows11-21h2-x64

3

ghost-1.0....st.dll

windows11-21h2-x64

3

ghost-1.0....st.exp

windows11-21h2-x64

3

ghost-1.0....st.lib

windows11-21h2-x64

3

ghost-1.0....t.html

windows11-21h2-x64

3

ghost-1.0....on.ico

windows11-21h2-x64

3

ghost-1.0....et.exe

windows11-21h2-x64

3

ghost-1.0....rypt.h

windows11-21h2-x64

3

ghost-1.0....fo.cpp

windows11-21h2-x64

3

ghost-1.0....ib.cpp

windows11-21h2-x64

3

ghost-1.0....tlib.h

windows11-21h2-x64

3

ghost-1.0....urce.h

windows11-21h2-x64

3

ghost-1.0....fo.cpp

windows11-21h2-x64

3

ghost-1.0....er.cpp

windows11-21h2-x64

3

ghost-1.0....ader.h

windows11-21h2-x64

3

ghost-1.0....acks.h

windows11-21h2-x64

3

ghost-1.0....nfig.h

windows11-21h2-x64

3

ghost-1.0....sole.h

windows11-21h2-x64

3

ghost-1.0..../gui.h

windows11-21h2-x64

3

ghost-1.0....info.h

windows11-21h2-x64

3

ghost-1.0....ni.cpp

windows11-21h2-x64

3

ghost-1.0..../ini.h

windows11-21h2-x64

3

ghost-1.0....urce.h

windows11-21h2-x64

3

ghost-1.0....er.cpp

windows11-21h2-x64

3

ghost-1.0....fo.cpp

windows11-21h2-x64

3

Analysis

  • max time kernel
    147s
  • max time network
    153s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    05-09-2024 09:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ghost-1.0.4/CHANGELOG.md

  • Size

    825B

  • MD5

    4f01b9912fd6754799a88d53bbd5ad30

  • SHA1

    cf9c5850c5febe5696d21fe2e11f56046b558722

  • SHA256

    75efaa0409606b5fb87a3d76eeb102d6cf15dadeb34b6743203ae9e97e6915b9

  • SHA512

    878865f4c062edc84db270e5ecf86783a3ffdfef8a0bd261e5b43beac7b180e8886cdcb6e8ac2cab0c04058326c0279f9d12833a8c325530a59f99968bdb5d32

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\ghost-1.0.4\CHANGELOG.md
    1⤵
    • Modifies registry class
    PID:3132
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2960

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads