General
Target: 897808e47ba39ee83b552665f327a29697d00cade117b7609d8f2ff979b418ee
Size: 2.9MB
Sample: 240701-ezptgswdnd
MD5: 9da340bbc9ae5a0cd4bc392800310f3e
SHA1: 08ce2d4102c3f1cb031b2cb812b598281f069bc7
SHA256: 897808e47ba39ee83b552665f327a29697d00cade117b7609d8f2ff979b418ee
SHA512: d44e380084015158e3735387b365477603da3ef1dc04260c06e486a3a840c8a73a37d7de82e03f75012547827552af9a77fca4dbdf97b3db9649a1f049d89bb8
SSDEEP: 49152:VCwsbCANnKXferL7Vwe/Gg0P+WhmLn8mqgl7h:Iws2ANnKXOaeOgmhPmhl7h
Static task: static1
Behavioral task: behavioral1
Sample: 897808e47ba39ee83b552665f327a29697d00cade117b7609d8f2ff979b418ee.exe
Resource: win7-20240419-en
Malware Config
Targets
- Gh0st RAT payload
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory