General
Target: b1ee022018659be07cb0abae6117e5946990929b28a679082e7efe8f2d3a035a
Size: 1.8MB
Sample: 241231-c6qy1szncn
MD5: 36ad15208c64a440d133199c3587be96
SHA1: 67528b072c1ea62372ac75b73c175fa59e598fc7
SHA256: b1ee022018659be07cb0abae6117e5946990929b28a679082e7efe8f2d3a035a
SHA512: b12cb45b85b16f29b13caae43b496dcbd8ce97b67e0539bc0d81ab241704d9fab441d926313bf3b95df66e8be132b8424c6b98c188366c88986982af46d4486b
SSDEEP: 24576:cQZoidOTdVZinacCET9Ecl1erdg0MCiVWhFU7cV6aDILUsWAsp:cQZAdVyVT9n/Gg0P+WhogD4Fk
Static task: static1
Behavioral task: behavioral1
Sample: b1ee022018659be07cb0abae6117e5946990929b28a679082e7efe8f2d3a035a.exe
Resource: win7-20240903-en
Malware Config
Targets
Gh0st RAT payload
Gh0strat family
Purplefox family
Drops file in Drivers directory
Sets service image path in registry
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1