Overview

overview

10

Static

static

tmp.exe

windows7-x64

10

tmp.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    tmp

  • Size

    2.6MB

  • Sample

    220913-x6fhhagdg7

  • MD5

    ed8de0c7d003f2e4c886b4dfb47f6661

  • SHA1

    3aeb12a0943d91391f5355f40025a0e9f2021af8

  • SHA256

    cc79f13f0b34b915aaac9ce304f2af834ac31b0a9c9d1da0ed1678d0120e6580

  • SHA512

    8b0365c3d20602d5a5beab4198095fe72f9471752188b7c56c2b5bb8956adbfbe6c113ecaad80672eb35eecf4f8c0389b86091ed81845e151cb81bd0d65a268c

  • SSDEEP

    24576:mnYmfosf+fsntZlBKgxYDM4AAtzZ//RKhfEWkKdjm0SbZJTRnIQRq03:dmV+0ntZlBKgOM4AAtFQcRovqvucP

Score
10/10
gh0stratrat

Malware Config

Targets

    • Target

      tmp

    • Size

      2.6MB

    • MD5

      ed8de0c7d003f2e4c886b4dfb47f6661

    • SHA1

      3aeb12a0943d91391f5355f40025a0e9f2021af8

    • SHA256

      cc79f13f0b34b915aaac9ce304f2af834ac31b0a9c9d1da0ed1678d0120e6580

    • SHA512

      8b0365c3d20602d5a5beab4198095fe72f9471752188b7c56c2b5bb8956adbfbe6c113ecaad80672eb35eecf4f8c0389b86091ed81845e151cb81bd0d65a268c

    • SSDEEP

      24576:mnYmfosf+fsntZlBKgxYDM4AAtzZ//RKhfEWkKdjm0SbZJTRnIQRq03:dmV+0ntZlBKgOM4AAtFQcRovqvucP

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks