Analysis
-
max time kernel
3s -
max time network
7s -
platform
windows10-2004_x64 -
resource
win10v2004-20220901-en -
resource tags
-
submitted
20/10/2022, 05:12
Errors
Reason
platform exec: image=C:\Users\Admin\AppData\Local\Temp\7c04137a3a07c7e9935e3061f5d4a7fd4ab7e516c3e92aaf925a14ab1aaecec3.exe
command="C:\Users\Admin\AppData\Local\Temp\7c04137a3a07c7e9935e3061f5d4a7fd4ab7e516c3e92aaf925a14ab1aaecec3.exe"
wdir=C:\Users\Admin\AppData\Local\Temp
Payload error: The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
General
-
Target
7c04137a3a07c7e9935e3061f5d4a7fd4ab7e516c3e92aaf925a14ab1aaecec3.exe
-
Size
356KB
-
MD5
56d4cb5bff6100d21b9eb42dcd0ef980
-
SHA1
c2c6fd7350953e40ba2748c7e5d682ef621e024b
-
SHA256
7c04137a3a07c7e9935e3061f5d4a7fd4ab7e516c3e92aaf925a14ab1aaecec3
-
SHA512
6271ded002df131d88921d4b40737c41810be2e678aec54a651d75a35f19d0846998ae99be33a354e73a4b5016b1390cc819fc8449eddc4a88e2311ef276103e
-
SSDEEP
6144:yUJNNNrG58hm09JcC/7JWtV6dEPV8KLXNH:yuVrG5/6JZdW+dEmeX
Score
10/10
Malware Config
Signatures
-
Gh0st RAT payload 1 IoCs
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
Processes
-
C:\Users\Admin\AppData\Local\Temp\7c04137a3a07c7e9935e3061f5d4a7fd4ab7e516c3e92aaf925a14ab1aaecec3.exe"C:\Users\Admin\AppData\Local\Temp\7c04137a3a07c7e9935e3061f5d4a7fd4ab7e516c3e92aaf925a14ab1aaecec3.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
368KB