General
-
Target
2e4610106d3c565c5ec2c1643ac863a52261b237c136bbe7361d5aa3bfa37697
-
Size
2.7MB
-
Sample
221010-gvnrqsbabp
-
MD5
bd0b13f3942d062fa1f613d9527dfd75
-
SHA1
1b2d135e51566bcc7efa3e55b203ddc40ffd319e
-
SHA256
2e4610106d3c565c5ec2c1643ac863a52261b237c136bbe7361d5aa3bfa37697
-
SHA512
d09eb65c93412732f047f9c09143a1c9ee7eeda8d487f600a0af8c175e8b7da2686a0a5861963d6b581bc6e2e53c589b634ffb5b5e161ca826b4e575d9501ded
-
SSDEEP
24576:VteFUEECJhFt/D5nJ1dl61wIQndBAWEpFjb7kzlKMsHWULMRmapWSGP:OFUhATRjEp18fUSG
Malware Config
Targets
-
-
Target
2e4610106d3c565c5ec2c1643ac863a52261b237c136bbe7361d5aa3bfa37697
-
Size
2.7MB
-
MD5
bd0b13f3942d062fa1f613d9527dfd75
-
SHA1
1b2d135e51566bcc7efa3e55b203ddc40ffd319e
-
SHA256
2e4610106d3c565c5ec2c1643ac863a52261b237c136bbe7361d5aa3bfa37697
-
SHA512
d09eb65c93412732f047f9c09143a1c9ee7eeda8d487f600a0af8c175e8b7da2686a0a5861963d6b581bc6e2e53c589b634ffb5b5e161ca826b4e575d9501ded
-
SSDEEP
24576:VteFUEECJhFt/D5nJ1dl61wIQndBAWEpFjb7kzlKMsHWULMRmapWSGP:OFUhATRjEp18fUSG
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-