General
-
Target
d8699268c2ee30bd1c9d45922ffec9a1644ecbd5c28ff5505fa80a47bc277868
-
Size
437KB
-
Sample
241005-h4paasselj
-
MD5
41f4b5daa4da7cdd17984488598c1054
-
SHA1
dba7eea0b59f565f33c2625f7cc999463e4f9585
-
SHA256
d8699268c2ee30bd1c9d45922ffec9a1644ecbd5c28ff5505fa80a47bc277868
-
SHA512
e6232fc33dc4a5ddb0935a910874a270d96828187c87879afbe451043b183dddf2b676aaac3b60f6b66999e6585747a29c6d0eab140d258f2f4e30966a198c84
-
SSDEEP
6144:bas0ZLc/IJvCklIqA8mvHwgnHJp9OWqw7zsK0bencTpX4KtjY5Jt/lt0zwzOu6Wq:gBFJqk2q1g5ppemr0bAKoNfnQCSWpoSw
Behavioral task
behavioral1
Sample
d8699268c2ee30bd1c9d45922ffec9a1644ecbd5c28ff5505fa80a47bc277868.dll
Resource
win7-20240704-en
Malware Config
Targets
-
-
Target
d8699268c2ee30bd1c9d45922ffec9a1644ecbd5c28ff5505fa80a47bc277868
-
Size
437KB
-
MD5
41f4b5daa4da7cdd17984488598c1054
-
SHA1
dba7eea0b59f565f33c2625f7cc999463e4f9585
-
SHA256
d8699268c2ee30bd1c9d45922ffec9a1644ecbd5c28ff5505fa80a47bc277868
-
SHA512
e6232fc33dc4a5ddb0935a910874a270d96828187c87879afbe451043b183dddf2b676aaac3b60f6b66999e6585747a29c6d0eab140d258f2f4e30966a198c84
-
SSDEEP
6144:bas0ZLc/IJvCklIqA8mvHwgnHJp9OWqw7zsK0bencTpX4KtjY5Jt/lt0zwzOu6Wq:gBFJqk2q1g5ppemr0bAKoNfnQCSWpoSw
-
Gh0st RAT payload
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-