General

  • Target

    1692-55-0x0000000010000000-0x0000000010010000-memory.dmp

  • Size

    64KB

  • MD5

    b0735fd905623e5149550338ff3d7c2a

  • SHA1

    5bf7984f049ee9a44736d66102df3724c1caa138

  • SHA256

    f2bcf3506c1a371afb4e69ce8a9054ce002a5613c9a05f42cf56750a1a2b33a1

  • SHA512

    ab4fa8836cfda6df4e0e12d91b544e0efc3182966e81986fdd4aa329cc5380d38d32ee9469bb24794037588eb6f0f5d3e3436701526710af161818fc4c79292d

  • SSDEEP

    1536:bicV9vfa4gmiD7KKb+qqnu34j+ykvz5K28:LfakiD7xb+qqnum+ye5K1

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

3005.qmananan.com

Signatures

  • Gh0st RAT payload 1 IoCs
  • Gh0strat family

Files

  • 1692-55-0x0000000010000000-0x0000000010010000-memory.dmp
    .dll windows x86

    55cc24a9cf98c16eeef7d7030b8008b1


    Headers

    Imports

    Exports

    Sections