General
-
Target
252115f874019044de7f7ebd36067537ab1e65b51ab771ec447b073fd9d6045d.msi.vir
-
Size
135.9MB
-
Sample
241109-v8anxsyfnh
-
MD5
9bb81bdc5e28a397f25617a22b9e157d
-
SHA1
e9e78c22ff047b35c2a6691295a9df62de203df0
-
SHA256
252115f874019044de7f7ebd36067537ab1e65b51ab771ec447b073fd9d6045d
-
SHA512
dc5678fd1441a5b65792f16ffc64694029f2b70dabcb4d54908121c2267d0f34b4de83d951a656267c80e288d9b0b0030d42572a7782d45762427be07c61483d
-
SSDEEP
3145728:9QlSw/0KksfWneWVr6/4J3DYgxqmz8CZCLLURIq3MmzJPeHeZ:GlSw/7ksOneWVm/CDYddLYIcMeZ
Static task
static1
Behavioral task
behavioral1
Sample
252115f874019044de7f7ebd36067537ab1e65b51ab771ec447b073fd9d6045d.msi
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
252115f874019044de7f7ebd36067537ab1e65b51ab771ec447b073fd9d6045d.msi
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
252115f874019044de7f7ebd36067537ab1e65b51ab771ec447b073fd9d6045d.msi.vir
-
Gh0st RAT payload
-
Gh0strat family
-
Purplefox family
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-