General
-
Target
17699a58cb84ef5c13dbeef466bd6c09017e5b9b2d9c0084e4b09da89d8aa9d7
-
Size
1.2MB
-
Sample
241217-n2gqbsylds
-
MD5
fe7f2b7fdce4caeeefd4e542f52d39f0
-
SHA1
49fd01d152d03eb17796fa69a36d35d7de1cf50d
-
SHA256
17699a58cb84ef5c13dbeef466bd6c09017e5b9b2d9c0084e4b09da89d8aa9d7
-
SHA512
eadabb8b6c0fe16fdc64b3e1379fe3afe0e6e843c353df9eb40259fba4f31f6acb8aa9bc90641e03b7a7ae930db0dfef7f73145d1694aa8a482ba7abeecddce5
-
SSDEEP
24576:n09tv9/7JtDElDEExIko2H2HESq2eWJ6MQjySjy+qwpe5g2:n09XJt4HIN2H2tFvduyS3pe5g2
Static task
static1
Behavioral task
behavioral1
Sample
17699a58cb84ef5c13dbeef466bd6c09017e5b9b2d9c0084e4b09da89d8aa9d7.exe
Resource
win7-20240708-en
Malware Config
Targets
-
Gh0st RAT payload
-
Gh0strat family
-
Purplefox family
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1