General
-
Target
e3afbc09b473ebc206b3f6240867ce775d5a8d77a2608c1185fc61283d122f57
-
Size
109KB
-
Sample
221020-hdem6shgfm
-
MD5
42f0acf0c568c4ca88c244d03b355711
-
SHA1
7290672ae726de11013b9a66931dd1084e316985
-
SHA256
e3afbc09b473ebc206b3f6240867ce775d5a8d77a2608c1185fc61283d122f57
-
SHA512
407e90f3061c92c6a523d69dd37e7d7a080b99b969444c56df9c74c17bc73e0cdaf03e9da5906336cb5b6b764e07bc5dfa510c829847a33e322b49ad67d0e8cd
-
SSDEEP
1536:zVH8oMsa6kRfJirY84erfImafc61JfcUcKDRA8/HUtpFXCAIO:zZ8oVa6wiraf91JcUcw/HUtpFXCAIO
Malware Config
Targets
-
-
Target
e3afbc09b473ebc206b3f6240867ce775d5a8d77a2608c1185fc61283d122f57
-
Size
109KB
-
MD5
42f0acf0c568c4ca88c244d03b355711
-
SHA1
7290672ae726de11013b9a66931dd1084e316985
-
SHA256
e3afbc09b473ebc206b3f6240867ce775d5a8d77a2608c1185fc61283d122f57
-
SHA512
407e90f3061c92c6a523d69dd37e7d7a080b99b969444c56df9c74c17bc73e0cdaf03e9da5906336cb5b6b764e07bc5dfa510c829847a33e322b49ad67d0e8cd
-
SSDEEP
1536:zVH8oMsa6kRfJirY84erfImafc61JfcUcKDRA8/HUtpFXCAIO:zZ8oVa6wiraf91JcUcw/HUtpFXCAIO
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Sets DLL path for service in the registry
-
Loads dropped DLL
-