Extracted

• • Target

    ML7R9U7.exe

  • Size

    359KB

  • MD5

    a37556c8cfd7eaba495a318a0de59466

  • SHA1

    07707cba7364e130f35eddbcab7702db44e7e671

  • SHA256

    08e9d8d7b108683314e5fad199d52b868713807697704f08ddc4b825553cca20

  • SHA512

    be38b134da1675a51585787433b8ec98eee5940db103eac5e2e851c65e6050f45b943aa8fe76393f593f7de1a4de0a636327c3f78c3d7a056308fa3a54c08d23

  • SSDEEP

    6144:2ZpuZnVB3/nPwArobrJEoXG81WAheOBO77NsHJDi1tPYP6lLaYpPqQ5aSAwz07Au:2ZM13/nPw6ovJE2G8IAheOA7JsH1KtPm

  Score

  10^/10

  gh0stratevasionrattrojan

  • Gh0st RAT payload

  • Gh0strat

    Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    ratgh0strat

  • UAC bypass

    evasiontrojan

  • Modifies RDP port number used by Windows

  behavioral1behavioral2