General

  • Target

    39c14cfe4c684e46e172a4e889c75289

  • Size

    150KB

  • Sample

    231225-yp8cmaefdm

  • MD5

    39c14cfe4c684e46e172a4e889c75289

  • SHA1

    57fe4fa2f27e419f1b6ec5a7a14b68e662c6e06f

  • SHA256

    4f83c2b531553ddc2cb04630a5cca53555031bbc1a8da70187eaac8825843e41

  • SHA512

    1bba05fbcdc0fca2508741a72bb826ab10df19751e1d0703a6fc63580f93f45117b841ad4ce76e029625245ce8b8ed1444902443f0fa299e47c0639ddbc0405e

  • SSDEEP

    3072:/VhUTNt0TSmLGkhjKXFvIGk6H0ydpZTr5iSTNL9cEVz3CiODcRwZ5:dkt0TSZkhWVvI+UupZTr5iSVrLmcE

Score
10/10

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks