General
-
Target
f2d77668e6c83339783131680f8eb3f4a2305a7c2f85d57e772d7b220051ea2c
-
Size
1.3MB
-
Sample
241206-3f8z1szlaq
-
MD5
7de5ad219a12e9a7784403d04a7cd166
-
SHA1
144fee5ea8cad4bc141b11fda63f628386df9d92
-
SHA256
f2d77668e6c83339783131680f8eb3f4a2305a7c2f85d57e772d7b220051ea2c
-
SHA512
bc270eb100c9884126b2eab1c67ffd13e7d06bf9a04f8c8cd56c72e3b29a101860fadb15be047300f5175fc2df483ac5a93d3205f9778e8eb633304ff3d6fbfa
-
SSDEEP
24576:TQZoidOTdVZinacCET9Ecl1erdg0MCiVWhFU7cV9wpe50XAW:TQZAdVyVT9n/Gg0P+WhoPpeGN
Static task
static1
Behavioral task
behavioral1
Sample
f2d77668e6c83339783131680f8eb3f4a2305a7c2f85d57e772d7b220051ea2c.exe
Resource
win7-20240729-en
Malware Config
Targets
-
-
Target
f2d77668e6c83339783131680f8eb3f4a2305a7c2f85d57e772d7b220051ea2c
-
Gh0st RAT payload
-
Gh0strat family
-
Purplefox family
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Server Software Component (1)
Terminal Services DLL (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)