General
-
Target
c43c39b56b4ef44c8ceddb6200cee14cfe52bfa147a63f65a9c0455c66f97ff7
-
Size
1.3MB
-
Sample
240701-e382jazbmq
-
MD5
dca2a981a0faba1846d9ec8b7b9d61b7
-
SHA1
2103e99cad9ba7068a4b0fc4d1eac040c95dc6db
-
SHA256
c43c39b56b4ef44c8ceddb6200cee14cfe52bfa147a63f65a9c0455c66f97ff7
-
SHA512
dec3002ee62ba1e28c947db5a46c5334689668f527c3238e7e17a6f8c70237884bb5cf5e183d543dd8decf7c3423eef81a77f500a628156c0800cd9c69ed6a50
-
SSDEEP
24576:EQZoidOTdVZinacCET9Ecl1erdg0MCiVWhFU7cVXwpeuh:EQZAdVyVT9n/Gg0P+WhoRpeuh
Static task
static1
Behavioral task
behavioral1
Sample
c43c39b56b4ef44c8ceddb6200cee14cfe52bfa147a63f65a9c0455c66f97ff7.exe
Resource
win7-20240508-en
Malware Config
Targets
-
Target
c43c39b56b4ef44c8ceddb6200cee14cfe52bfa147a63f65a9c0455c66f97ff7
-
Gh0st RAT payload
-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-