General
-
Target
b9de020d5a268dd218406ec10c4121268bc2eb627fc0e26ffcac84325368df33
-
Size
1.4MB
-
Sample
241204-vwa4xsxqep
-
MD5
6e0369db22fae494f82a972f5527e6f3
-
SHA1
1b389923da624a89c04094db58733492fd34aba3
-
SHA256
b9de020d5a268dd218406ec10c4121268bc2eb627fc0e26ffcac84325368df33
-
SHA512
ea7da4ff47e228e609140de5a0f29f3dd186d850f301f19307f9ae1c67e69373d60bd4d806de3e8f77c4eb15d87b5c5296942dc770a7748336aa8ee92a47d318
-
SSDEEP
24576:pO9k7fWgHN8kSszVSlMHcTDBMGr9chBM:4WWgGkSMbHcTDh
Static task
static1
Behavioral task
behavioral1
Sample
b9de020d5a268dd218406ec10c4121268bc2eb627fc0e26ffcac84325368df33.exe
Resource
win7-20240708-en
Malware Config
Targets
-
Gh0st RAT payload
-
Gh0strat family
-
Purplefox family
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-