Overview

overview

10

Static

static

3

tmp.exe

windows7-x64

10

tmp.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tmp

  • Size

    4.8MB

  • Sample

    230608-grzd3acg99

  • MD5

    8aa724d492cfcf5a235e64fabd85eeab

  • SHA1

    385481ff1783db7bdeab777cdef20f034e2513fb

  • SHA256

    4818e1106208b824649edb78e11e4f66e78730885d7f6bbe17ccb0975948fbfc

  • SHA512

    daa94db937cd26e619b6a052093195ff68cd5eccb3eca5418131634b01bc97dbc9460baa7ea3ee1217c8c89fa8b0b3b4a50294c7c05f8132f25142541dac5c7b

  • SSDEEP

    49152:2DBzpD700KVwh3TA0PCUuz73aknXKK7vZI7aV8iJdozEL3BasSh87YYMTcBF6nRZ:2U7wtABUuz73amL8Ad8QB2RMhJsso

Score
10/10
gh0stratrat

Malware Config

Targets

    • Target

      tmp

    • Size

      4.8MB

    • MD5

      8aa724d492cfcf5a235e64fabd85eeab

    • SHA1

      385481ff1783db7bdeab777cdef20f034e2513fb

    • SHA256

      4818e1106208b824649edb78e11e4f66e78730885d7f6bbe17ccb0975948fbfc

    • SHA512

      daa94db937cd26e619b6a052093195ff68cd5eccb3eca5418131634b01bc97dbc9460baa7ea3ee1217c8c89fa8b0b3b4a50294c7c05f8132f25142541dac5c7b

    • SSDEEP

      49152:2DBzpD700KVwh3TA0PCUuz73aknXKK7vZI7aV8iJdozEL3BasSh87YYMTcBF6nRZ:2U7wtABUuz73amL8Ad8QB2RMhJsso

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks