General
-
Target
612baf1f943986435bbbe63cb25d0fabcd88491a56e23ded0e6de86b296fb3ad
-
Size
532KB
-
Sample
241029-zj9tyazbmf
-
MD5
b824c75a1761c41eca0983f41bf8e65c
-
SHA1
bb30b43e57f1fb60e3a1bd503882c7d9812947a7
-
SHA256
612baf1f943986435bbbe63cb25d0fabcd88491a56e23ded0e6de86b296fb3ad
-
SHA512
80851763ce634fbd3b7e3398e3eb51fbc5b0f452aca1199f82c42bb78ae67f2d7c3356ce6c773bb444f21c9a08b7c4e3d16d3d2b6b3538e6dc93ea6a32d93db8
-
SSDEEP
12288:KRdy3HCdZyyXlG47Of9daZF+EnBEnAzr+zbSN2RJ:KRqCdZyyXlG4QKiIySN2R
Static task
static1
Behavioral task
behavioral1
Sample
612baf1f943986435bbbe63cb25d0fabcd88491a56e23ded0e6de86b296fb3ad.exe
Resource
win7-20241023-en
Malware Config
Targets
-
-
Target
612baf1f943986435bbbe63cb25d0fabcd88491a56e23ded0e6de86b296fb3ad
-
Size
532KB
-
MD5
b824c75a1761c41eca0983f41bf8e65c
-
SHA1
bb30b43e57f1fb60e3a1bd503882c7d9812947a7
-
SHA256
612baf1f943986435bbbe63cb25d0fabcd88491a56e23ded0e6de86b296fb3ad
-
SHA512
80851763ce634fbd3b7e3398e3eb51fbc5b0f452aca1199f82c42bb78ae67f2d7c3356ce6c773bb444f21c9a08b7c4e3d16d3d2b6b3538e6dc93ea6a32d93db8
-
SSDEEP
12288:KRdy3HCdZyyXlG47Of9daZF+EnBEnAzr+zbSN2RJ:KRqCdZyyXlG4QKiIySN2R
-
Gh0st RAT payload
-
Gh0strat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-