General
-
Target
11a5b746ae01a002a8740ff805a0da88.exe
-
Size
448KB
-
Sample
230322-jlyxfshe3x
-
MD5
11a5b746ae01a002a8740ff805a0da88
-
SHA1
4885a9e1ba0a9816446aa196120fee575cf4eca3
-
SHA256
bfc673b442809a22a48e4c70d5027c925c8eaa56caee77ff6f896d480d78dcc2
-
SHA512
f128c2bc2e1b9dfdc970aa289c2ea0759ca0dfabcdd3868ed4d032328f995c909115e9abc67cfbd78396975f1b8141cc3e9cf2bd5dde9a3724445ac294a70e77
-
SSDEEP
12288:bkXOs/EQaS77z/t705Hux7xGTjCbqWd+YGMU:c/EQaS77TR05OxdU
Malware Config
Targets
-
-
Target
11a5b746ae01a002a8740ff805a0da88.exe
-
Size
448KB
-
MD5
11a5b746ae01a002a8740ff805a0da88
-
SHA1
4885a9e1ba0a9816446aa196120fee575cf4eca3
-
SHA256
bfc673b442809a22a48e4c70d5027c925c8eaa56caee77ff6f896d480d78dcc2
-
SHA512
f128c2bc2e1b9dfdc970aa289c2ea0759ca0dfabcdd3868ed4d032328f995c909115e9abc67cfbd78396975f1b8141cc3e9cf2bd5dde9a3724445ac294a70e77
-
SSDEEP
12288:bkXOs/EQaS77z/t705Hux7xGTjCbqWd+YGMU:c/EQaS77TR05OxdU
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-