General
-
Target
8c5be896b660b59046f1e0990c72fd7abed0f51369a8510e805c1db8f6f582ffN.exe
-
Size
348KB
-
Sample
241230-tzq4wazkfk
-
MD5
bdc1ddc53cbccb1282d8ea5a71e93d00
-
SHA1
3c0c44b40da2bf72021db3e1bb72f3ab5e3508ba
-
SHA256
8c5be896b660b59046f1e0990c72fd7abed0f51369a8510e805c1db8f6f582ff
-
SHA512
3d10acc75e96b18d9b42575de73c19d221c5a2cf7ba58f69ccb4afbc4155ff493b8ed0adbad9c44e729fd2f6d7377aa7a305bc9bb9dccae0aad39df415393cb8
-
SSDEEP
6144:MJueTkwOwoWOQ3dwaWB28edeP/deUv80P80Ap8UGwoTGHZOWJkqd0K4rG7eVT0S8:ouLwoZQGpnedeP/deUe1ppGjTGHZRT0g
Behavioral task
behavioral1
Sample
8c5be896b660b59046f1e0990c72fd7abed0f51369a8510e805c1db8f6f582ffN.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
8c5be896b660b59046f1e0990c72fd7abed0f51369a8510e805c1db8f6f582ffN.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
8c5be896b660b59046f1e0990c72fd7abed0f51369a8510e805c1db8f6f582ffN.exe
-
Size
348KB
-
MD5
bdc1ddc53cbccb1282d8ea5a71e93d00
-
SHA1
3c0c44b40da2bf72021db3e1bb72f3ab5e3508ba
-
SHA256
8c5be896b660b59046f1e0990c72fd7abed0f51369a8510e805c1db8f6f582ff
-
SHA512
3d10acc75e96b18d9b42575de73c19d221c5a2cf7ba58f69ccb4afbc4155ff493b8ed0adbad9c44e729fd2f6d7377aa7a305bc9bb9dccae0aad39df415393cb8
-
SSDEEP
6144:MJueTkwOwoWOQ3dwaWB28edeP/deUv80P80Ap8UGwoTGHZOWJkqd0K4rG7eVT0S8:ouLwoZQGpnedeP/deUe1ppGjTGHZRT0g
Score10/10-
Gh0st RAT payload
-
Gh0strat family
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-