General
-
Target
2937dc0acfdba23157b87670796e9db8458e318b9316a53127946f02ca7af924
-
Size
1.9MB
-
Sample
241205-f3j8vawqbm
-
MD5
1839fef2a1f18e3a72b8c67e735cd908
-
SHA1
51ff38c8b5520912bf43949d1800a1e08fb4b021
-
SHA256
2937dc0acfdba23157b87670796e9db8458e318b9316a53127946f02ca7af924
-
SHA512
42963c62ca270a04af2841b486255e7635c9e1596ea398ca51cb6134537b044156d71061dc71926d1b43a96f81fb580585556e97e24feff41deffaa0f7d3bf69
-
SSDEEP
49152:QQZAdVyVT9n/Gg0P+Who9fzImcLYFpeapelE:5GdVyVT9nOgmhAfSFvlE
Static task
static1
Behavioral task
behavioral1
Sample
2937dc0acfdba23157b87670796e9db8458e318b9316a53127946f02ca7af924.exe
Resource
win7-20240708-en
Malware Config
Targets
-
Target
2937dc0acfdba23157b87670796e9db8458e318b9316a53127946f02ca7af924
-
Gh0st RAT payload
-
Gh0strat family
-
Purplefox family
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)