General

  • Target

    467378c1f55847b3d3c9a51fc9b8bf98765b82d49b63130d78e4c0e24e4b8a25.bin

  • Size

    36KB

  • Sample

    220919-s61q8abbak

  • MD5

    3ee50799053c6fad0da22005828201c5

  • SHA1

    70427160cf5a9ec44fe1d624f020849f05e3e057

  • SHA256

    467378c1f55847b3d3c9a51fc9b8bf98765b82d49b63130d78e4c0e24e4b8a25

  • SHA512

    744430acb9a87b243270c581f3ff186f49cb0372200f16267a100e149dd368745cefc889628031e4caa482aac0b53d89e3477976266e11840005969ee168ecdf

  • SSDEEP

    384:oc1aFf37oKw75HISz6eQpKlvIp/S6WYsjmJIxZAZ:ocgT27ptWeQp+wp6ZTSH

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Adds Run key to start application
