General

  • Target

    b562084d28609c489257c3dac5ef1384396cae2a10664dac04991d9d2cc36c65

  • Size

    192KB

  • Sample

    221205-j5z9mafb9s

  • MD5

    13356674c0b28f5de14e13f606d37530

  • SHA1

    10400bc09b12ca3b4a75bb9125320bd575cffb96

  • SHA256

    b562084d28609c489257c3dac5ef1384396cae2a10664dac04991d9d2cc36c65

  • SHA512

    3ce0cc561b6e6a52d9fedfa55c8314596ab17aa29bc24af96561ab9846f89a662db0cc023baf0101c1dc9b5b2aa71d9220067764f1b6ae16c5abe1398e00076b

  • SSDEEP

    3072:OQk3DH+bK+snWjvUJFMKkj8aPBHA40qcVWhUXYvpSVxoTVrbMzYiw/mEFVg:OQkTH+bpsnWjvEkrPadqc6UIvK6jt+

Score
10/10

Targets

    • Target

      b562084d28609c489257c3dac5ef1384396cae2a10664dac04991d9d2cc36c65

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Loads dropped DLL

    • Drops file in System32 directory
