General
-
Target
d2a9a39d84763ffc0b0c57dcfaafe7439a50902e307107dc2a70354d04559004
-
Size
491KB
-
Sample
241207-nbxnvswjem
-
MD5
4d02d507c92aa0b0a7ad9b8c215bb41c
-
SHA1
2a5b27d0c34db285565ca07816f2912fe3db24ff
-
SHA256
d2a9a39d84763ffc0b0c57dcfaafe7439a50902e307107dc2a70354d04559004
-
SHA512
e2d6783d1423351581f243e1018825970d48345043a19ba5c88322824847e37453364f685b7b55de41d3e50bc7408b79c496781e19965f878401246b5d0d46c0
-
SSDEEP
6144:GpoMkequERu8qQ1fjYMMW9eKZH+IdISTUL24qL9cPKcPzR2RG6lZv:oDR+u8pfjYMMWNvdhUSByFPz8v
Static task
static1
Behavioral task
behavioral1
Sample
d2a9a39d84763ffc0b0c57dcfaafe7439a50902e307107dc2a70354d04559004.exe
Resource
win7-20240903-en
Malware Config
Targets
Gh0st RAT payload
-
Gh0strat family
-
Purplefox family
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-