Overview

overview

10

Static

static

10

6d5506afd1...12.dll

windows7-x64

10

6d5506afd1...12.dll

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    6d5506afd176ec21b7400014e307121697b4c0b36c087aeca3403607cb29db12

  • Size

    114KB

  • Sample

    220918-2wp2eadfd7

  • MD5

    df96496f94e7625054d0c8945a83cfe5

  • SHA1

    5383f91cf9903b730e0df785d0e800eeaa1332ad

  • SHA256

    6d5506afd176ec21b7400014e307121697b4c0b36c087aeca3403607cb29db12

  • SHA512

    bde86010dae78b56851663db890fecd58fbdece70b164a7f2ac0f3b90f170b78898ae87d5cbe27dc497ab6114d09685bd826d8c30e76731098b5725ec40d41c2

  • SSDEEP

    1536:DAWp+g5LW7yM0r5BsrzKbpsV29Wttc8ElfIN+uBYk/ifSg//:EWP5UyMwb00N9WttHEdIN+uSk/ifSE

Score
10/10
gh0stratrat

Malware Config

Targets

    • Target

      6d5506afd176ec21b7400014e307121697b4c0b36c087aeca3403607cb29db12

    • Size

      114KB

    • MD5

      df96496f94e7625054d0c8945a83cfe5

    • SHA1

      5383f91cf9903b730e0df785d0e800eeaa1332ad

    • SHA256

      6d5506afd176ec21b7400014e307121697b4c0b36c087aeca3403607cb29db12

    • SHA512

      bde86010dae78b56851663db890fecd58fbdece70b164a7f2ac0f3b90f170b78898ae87d5cbe27dc497ab6114d09685bd826d8c30e76731098b5725ec40d41c2

    • SSDEEP

      1536:DAWp+g5LW7yM0r5BsrzKbpsV29Wttc8ElfIN+uBYk/ifSg//:EWP5UyMwb00N9WttHEdIN+uSk/ifSE

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks