Overview

overview

10

Static

static

10

fe570af16d...72.exe

windows7-x64

10

fe570af16d...72.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fe570af16d3602ce58eb9ff25546c24f2388bf093618a4215f0d5138dbbf3672

  • Size

    143KB

  • Sample

    221205-htp4vafd28

  • MD5

    debc4110e4f83e15d9775e0b701b543c

  • SHA1

    59f852457a38d6f9a2048d2fc40521ef11f21fce

  • SHA256

    fe570af16d3602ce58eb9ff25546c24f2388bf093618a4215f0d5138dbbf3672

  • SHA512

    86c470380b444382d952938414a7603c549f43a7e2cfbd6c389313016764c38472a8fad8b6e1ae6ab7d3f6a5b4ed63414220a39a8bccee7cebe2a8416dd09bb7

  • SSDEEP

    3072:yywZSQpKa3VGVnpUlCz764/9xpEEBqbZuwk5iGMuRqovC:y5JVGpxx9b3wZuwk4Glqo

Score
10/10
gh0stratrat

Malware Config

Targets

    • Target

      fe570af16d3602ce58eb9ff25546c24f2388bf093618a4215f0d5138dbbf3672

    • Size

      143KB

    • MD5

      debc4110e4f83e15d9775e0b701b543c

    • SHA1

      59f852457a38d6f9a2048d2fc40521ef11f21fce

    • SHA256

      fe570af16d3602ce58eb9ff25546c24f2388bf093618a4215f0d5138dbbf3672

    • SHA512

      86c470380b444382d952938414a7603c549f43a7e2cfbd6c389313016764c38472a8fad8b6e1ae6ab7d3f6a5b4ed63414220a39a8bccee7cebe2a8416dd09bb7

    • SSDEEP

      3072:yywZSQpKa3VGVnpUlCz764/9xpEEBqbZuwk5iGMuRqovC:y5JVGpxx9b3wZuwk4Glqo

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Deletes itself

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks