General

  • Target

    cb2e5d88032f1a8b32f7f7050335580e0af9d6d18b83fc709ee9ebaf22f3c45a

  • Size

    97KB

  • Sample

    221106-h9jxrshgh6

  • MD5

    113b5c541bc1b23f3a34f88b546b4deb

  • SHA1

    bc79538a2d97781a8a6cfa62ce1ff58d23bdbe09

  • SHA256

    cb2e5d88032f1a8b32f7f7050335580e0af9d6d18b83fc709ee9ebaf22f3c45a

  • SHA512

    51ae733cbc6ee0975dee75652117ffc0bc4f2ac4d558aec79e55db92756b631aca7f05f0a10af856ad602cb5664b1acf28cc3bb3432c36da5140679ea317d43b

  • SSDEEP

    1536:90FusSx9qYMhdFHS8qdydo3nTzhYxJA+CwNUtBZVY9v8prK2mVEhS:9GS4jHS8q/3nTzePCwNUh4E9hor

Score
10/10

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
