General
-
Target
7c927603916abeebe91d9afc1367c4a64ad5061badcd8d4801e022e978c51678
-
Size
1.5MB
-
Sample
241231-c6qm9aznbr
-
MD5
e32ddc975922b55fff47bf0b43393975
-
SHA1
7dc4f98d951ee560f3b75e02a66e9d908fa708c7
-
SHA256
7c927603916abeebe91d9afc1367c4a64ad5061badcd8d4801e022e978c51678
-
SHA512
b4b3a9752717098a89d4617119993aaeb7f91ef4b7366894fd58c1bf3a4a4217253ad43255189b45ac1abea2f4d68702a6d9af3321bdff616c6d300aaeea03c5
-
SSDEEP
24576:UQZoidOTdVZinacCET9Ecl1erdg0MCiVWhFU7cVtwpeMDILUsWAsE:UQZAdVyVT9n/Gg0P+WhovpeMD4FF
Static task
static1
Behavioral task
behavioral1
Sample
7c927603916abeebe91d9afc1367c4a64ad5061badcd8d4801e022e978c51678.exe
Resource
win7-20241010-en
Malware Config
Targets
Gh0st RAT payload
-
Gh0strat family
-
Purplefox family
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Server Software Component: 1
Terminal Services DLL: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1