General
-
Target
a03f712682eed0c7d6926124668d2819a4b459a3b7ad3b9f7e86df72bf7fd75e
-
Size
640KB
-
Sample
241210-xt1b5svkd1
-
MD5
32e19fe92b410b2cae5053a43bffad18
-
SHA1
58f3b2799424cc71c0cd1fb49be7d5f51bd1aa74
-
SHA256
a03f712682eed0c7d6926124668d2819a4b459a3b7ad3b9f7e86df72bf7fd75e
-
SHA512
11ed8672e39736d72cfa8db7cd6b7e7903930d51fc5d212473d40e24bd3fc121956e1b35bc90384d89517ec47bfbf377fd554a394fba08d41d2cd27960fd63b9
-
SSDEEP
12288:Ei2cAro2HQVWAHkFSq2hAWJYlMUtrxlyuJVRe8yeu:Ei2Tro2H2HESq2eWJ6MQjySjyeu
Static task
static1
Behavioral task
behavioral1
Sample
a03f712682eed0c7d6926124668d2819a4b459a3b7ad3b9f7e86df72bf7fd75e.exe
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
a03f712682eed0c7d6926124668d2819a4b459a3b7ad3b9f7e86df72bf7fd75e
-
Gh0st RAT payload
-
Gh0strat family
-
Purplefox family
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1