General

  • Target

    9abd375c8fb67ac8b9a3e04bcd763d159ea4592f29e7dd32b62954c7b8e213e9

  • Size

    96KB

  • Sample

    221201-zdr2yahe97

  • MD5

    6f2a9b8312b2055d0a555d944727759a

  • SHA1

    1cd5ddcf644ad410e8068c5716e59c45d81e46c1

  • SHA256

    9abd375c8fb67ac8b9a3e04bcd763d159ea4592f29e7dd32b62954c7b8e213e9

  • SHA512

    c2bc00ee54cc053c8dcb909b698d4fa3912355afe7541308b68ec051e5556f1a004bd09c18056fd370b8251621de79ca9a441f2f9b2e0072e4b6b6ff0ac1ce24

  • SSDEEP

    1536:TTFusSx9qYMhdFHS8qdydo3nTzhYxJA+CwNUtBZVY9v8prlMj1eylZ0m:TtS4jHS8q/3nTzePCwNUh4E9lYZ0m

Score
10/10

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
