General
- Target: 9af0e067cc3af69301010b68f112a98e0c52295b2f3a73e755b730d328d20ad6
- Size: 2.4MB
- Sample: 240701-e4js2awepc
- MD5: 7f4be491f9fcf9555a3678c5ad9fed0e
- SHA1: 08294b16913f4f7f19edca4c42d0f21c844e9477
- SHA256: 9af0e067cc3af69301010b68f112a98e0c52295b2f3a73e755b730d328d20ad6
- SHA512: f07db31875abb6adb355e7b2cd1fcbc0c1395dda61343bbddaee871a2a78d20c43c232edca01f60b76e4fd9ea63a24eb391759d24225d3fa80a81c841db91db4
- SSDEEP: 24576:UCwsbKgbQ5NANIvGTYwMHXA+wT1kfTw4SIuvB74fgt7ibhRM5QhKehFdMtRj7nH4:UCwsbCANnKXferL7Vwe/Gg0P+Whlh
Static task: static1
Behavioral task: behavioral1
Sample: 9af0e067cc3af69301010b68f112a98e0c52295b2f3a73e755b730d328d20ad6.exe
Resource: win7-20240508-en
Malware Config
Targets
- Gh0st RAT payload
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory