General
Target: 573163d4d59a49b099549641dbc554dbe1ed9688bfcf936e15be9914b7f44705
Size: 1.3MB
Sample: 241007-hwee5awekc
MD5: 2fe8328e55c69c4225fa09f5b5325d4a
SHA1: cd11599f1706f96241726ac459270b0c1fdb69cc
SHA256: 573163d4d59a49b099549641dbc554dbe1ed9688bfcf936e15be9914b7f44705
SHA512: d32c49b91ce1058c1a78ce7fc51c0212ca91399ac75241485aa0389d0bee7f8ac75d8662120573ceda0935acd55c85b2c61ccd5f8edd75f26b2c5a9add7320a4
SSDEEP: 24576:dOyHutimZ9VSly2hVvHW6qMnSbTBBhBMNx:QHPkVOBTK
Static task: static1
Behavioral task: behavioral1
Sample: 573163d4d59a49b099549641dbc554dbe1ed9688bfcf936e15be9914b7f44705.exe
Resource: win7-20240903-en
Malware Config
Targets
Gh0st RAT payload
Drops file in Drivers directory
Sets service image path in registry
Deletes itself
Executes dropped EXE
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)