General
-
Target
1284d9fbfdd648320545b4c55db1857f
-
Size
731KB
-
Sample
231225-kkemvsccdj
-
MD5
1284d9fbfdd648320545b4c55db1857f
-
SHA1
48bf2c046ef2092b53c8596a16e3c19609de40fd
-
SHA256
6bf63b487001752134bd59c02d29a97c8322d4adffcbd263a827c874feaced4a
-
SHA512
cbf3e2bab9de71d4ea1a537e13f598cc940da8ec89efc143e7293ccbcdc86d119a66b239b79387074f6fbec182f0bb4ef4a91562bdf12a0e657868089089762f
-
SSDEEP
12288:jt0VPFfsKAkrbPl7cHANUTNhGdHANUTNfHAUTNJG:SFksbMGBG
Malware Config
Targets
-
-
Target
1284d9fbfdd648320545b4c55db1857f
-
Size
731KB
-
MD5
1284d9fbfdd648320545b4c55db1857f
-
SHA1
48bf2c046ef2092b53c8596a16e3c19609de40fd
-
SHA256
6bf63b487001752134bd59c02d29a97c8322d4adffcbd263a827c874feaced4a
-
SHA512
cbf3e2bab9de71d4ea1a537e13f598cc940da8ec89efc143e7293ccbcdc86d119a66b239b79387074f6fbec182f0bb4ef4a91562bdf12a0e657868089089762f
-
SSDEEP
12288:jt0VPFfsKAkrbPl7cHANUTNhGdHANUTNfHAUTNJG:SFksbMGBG
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-