gh0strat | 22b055e9d5da1c2a8dfb21777dab21d4093eb65aef5c959d56caacf34f656b03 | Triage

Submit
Reports

Overview

overview

Static

static

22b055e9d5...03.exe

windows7-x64

8

22b055e9d5...03.exe

windows10-2004-x64

Sharing

General

Target

22b055e9d5da1c2a8dfb21777dab21d4093eb65aef5c959d56caacf34f656b03
Size

96KB
Sample

221128-g71l3agd41
MD5

143d616b1ba8dc45a2a4d506b2365ec7
SHA1

0e7569741b996a7ad72e4175025a69205712a775
SHA256

22b055e9d5da1c2a8dfb21777dab21d4093eb65aef5c959d56caacf34f656b03
SHA512

947e789a37db4b692157c1fb409a763353dbb6234cd1c53a530253ffd4936413d47e3d2c2d7248db3c78ec9680e96111e39c6b8776dd52721b6a058bac2d056f
SSDEEP

1536:gcFusSx9qYMhdFHS8qdydo3nTzhYxJA+CwNUtBZVY9v8prbrJRlRjdCQ35HFP:gOS4jHS8q/3nTzePCwNUh4E9bvfjwiFP

Score

10^/10

gh0strat rat

Static task

static1

Behavioral task

behavioral1

Sample

22b055e9d5da1c2a8dfb21777dab21d4093eb65aef5c959d56caacf34f656b03.exe

Resource

win7-20220812-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

22b055e9d5da1c2a8dfb21777dab21d4093eb65aef5c959d56caacf34f656b03.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  22b055e9d5da1c2a8dfb21777dab21d4093eb65aef5c959d56caacf34f656b03
- Size
  
  96KB
- MD5
  
  143d616b1ba8dc45a2a4d506b2365ec7
- SHA1
  
  0e7569741b996a7ad72e4175025a69205712a775
- SHA256
  
  22b055e9d5da1c2a8dfb21777dab21d4093eb65aef5c959d56caacf34f656b03
- SHA512
  
  947e789a37db4b692157c1fb409a763353dbb6234cd1c53a530253ffd4936413d47e3d2c2d7248db3c78ec9680e96111e39c6b8776dd52721b6a058bac2d056f
- SSDEEP
  
  1536:gcFusSx9qYMhdFHS8qdydo3nTzhYxJA+CwNUtBZVY9v8prbrJRlRjdCQ35HFP:gOS4jHS8q/3nTzePCwNUh4E9bvfjwiFP
Score

10^/10

gh0strat rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy