General
-
Target
03c9e349282c833d3f60028dcace5f8f85655d73fc5d491d5dd6474aec71f7c7.exe
-
Size
1.4MB
-
Sample
241118-rpl13aybjc
-
MD5
5634ff19a99f4a5185ce48490ef679ad
-
SHA1
856fe34eac3f64d2bde77fa4b2e451dda249f8f3
-
SHA256
03c9e349282c833d3f60028dcace5f8f85655d73fc5d491d5dd6474aec71f7c7
-
SHA512
45f536e394b3f45cf88646c9119b0a470d4297c8149b3a55cf19bdc5d393d378e380920c98814905bf9a5cb5ce18a2e03aad7214f0a54367d3939c8bf4504bf0
-
SSDEEP
24576:F39WkOyHutimZ9VSly2hVvHW6qMnSbTBBhBMNB:59qHPkVOBTKB
Static task
static1
Behavioral task
behavioral1
Sample
03c9e349282c833d3f60028dcace5f8f85655d73fc5d491d5dd6474aec71f7c7.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
03c9e349282c833d3f60028dcace5f8f85655d73fc5d491d5dd6474aec71f7c7.exe
-
Gh0st RAT payload
-
Gh0strat family
-
Purplefox family
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1