General

  • Target

    0d1de5a242904cda351de1bb8fc366ba

  • Size

    56KB

  • Sample

    231224-x3l6waceh4

  • MD5

    0d1de5a242904cda351de1bb8fc366ba

  • SHA1

    6849f1d82a6b693c6ff8eb0c8258a13b13fbb047

  • SHA256

    20d9ea46444df1a7d3aa58fc78b0c28f8266d7cd91b449115e9c8721c27b57a7

  • SHA512

    c4c87321aa7dd1634be01e391958577e613f4c39b9a0014a3e24c802e9c010483ea1be2e8e746bcffd0871ac1beead2631828821278b199aa07c567a96ec3c1a

  • SSDEEP

    1536:DFbks9hcZauKczhrnu7LR7rxkrKeS+7saYAzVJH:p/QauKctrnuhekaVJH

Score
10/10

Malware Config

Targets

    • Target

      server.exe

    • Size

      125KB

    • MD5

      80a0eb3c8259d7bfcc712019e7bd4689

    • SHA1

      3a46ce36d4d22e4788cc4ea87d5b2734b117f9e5

    • SHA256

      db3f536df70c3f8209af86c878013a7bf537fd4069e083b0f0ccaf30883fc0c8

    • SHA512

      bea5fdad472cccf7d43bb4f6059c4ab1bb795f05d5dfb404eaede4f31f8a9f74e22abb1e311d862564dc9dd003b6bd75f9030375b8552add13e2f3bb00f50a59

    • SSDEEP

      1536:jxLBomTgWM6SibNn8YIaT024cKau2f9d0Dyi+NkXw+mHBkJm60kx8:r4W9Si+YIV24Wug9d0H+aXw+mHBkJmo8

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks