General
-
Target
b1b8e5f4c7dbddbb74e19d6dabdf093610e82b0eca11a07998ba7fe67b52378f
-
Size
756KB
-
Sample
241128-rd99hszldy
-
MD5
d399445b035b99c4de849127250658d0
-
SHA1
41c15a5f765b7c9df4cdc89c42e105ee71284bf4
-
SHA256
b1b8e5f4c7dbddbb74e19d6dabdf093610e82b0eca11a07998ba7fe67b52378f
-
SHA512
72574483a3984ba7a6fcabfe8331b54b9a5f500cc625bf098507101afef8631611ca9c1eb2baf577209ed926b87e2ed6d2403603fc0f7e55b5819a734ed6c23f
-
SSDEEP
12288:Hi2cAro2HQVWAHkFSq2hAWJYlMUtrxlyuJVRe8yT6XvEHG+sMOr5L0G:Hi2Tro2H2HESq2eWJ6MQjySjyyvEHPsz
Static task
static1
Behavioral task
behavioral1
Sample
b1b8e5f4c7dbddbb74e19d6dabdf093610e82b0eca11a07998ba7fe67b52378f.exe
Resource
win7-20240729-en
Malware Config
Targets
-
-
Target
b1b8e5f4c7dbddbb74e19d6dabdf093610e82b0eca11a07998ba7fe67b52378f
-
Size
756KB
-
MD5
d399445b035b99c4de849127250658d0
-
SHA1
41c15a5f765b7c9df4cdc89c42e105ee71284bf4
-
SHA256
b1b8e5f4c7dbddbb74e19d6dabdf093610e82b0eca11a07998ba7fe67b52378f
-
SHA512
72574483a3984ba7a6fcabfe8331b54b9a5f500cc625bf098507101afef8631611ca9c1eb2baf577209ed926b87e2ed6d2403603fc0f7e55b5819a734ed6c23f
-
SSDEEP
12288:Hi2cAro2HQVWAHkFSq2hAWJYlMUtrxlyuJVRe8yT6XvEHG+sMOr5L0G:Hi2Tro2H2HESq2eWJ6MQjySjyyvEHPsz
-
Gh0st RAT payload
-
Gh0strat family
-
Purplefox family
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1