General

  • Target

    f734f976099a748bd99bd3ddee3a70999540b1d3076c02ca1353dfac7578e319

  • Size

    170KB

  • Sample

    221206-hyv6naea44

  • MD5

    3fe33b8aa8c9b05ebefc3772f4666448

  • SHA1

    96508a4c73100f3354d55fe178cbb8582aaa1050

  • SHA256

    f734f976099a748bd99bd3ddee3a70999540b1d3076c02ca1353dfac7578e319

  • SHA512

    88e9a5f631c59b35b4bd84b3532e4ae2898ed3101e3fc7df35b24fd219f00cadc91f8474036fcedd55e8b5acbaaa9cb3c1feb2ab045d28589779a4393a100972

  • SSDEEP

    3072:sM53m4t41CVqUNILsOl6Hh5zVKCiXoaf4wfy+QxuNM85mdG62xE2N+t1pUOGy:sM52W41CVqVLsaA5JEv48FQxcM85mdwa

Score
10/10

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Drops file in System32 directory
