gh0strat | dd3d5fe23c62b4fd62f9cbe759e291ab253d36b2a37c4715be8e2943f83f264a | Triage

Submit
Reports

Overview

overview

Static

static

01d065070a...2f.exe

windows7-x64

01d065070a...2f.exe

windows10-2004-x64

Sharing

General

Target

01d065070a809c92aed9e05e0b959f2f
Size

244KB
Sample

231229-x8yf4afae6
MD5

01d065070a809c92aed9e05e0b959f2f
SHA1

b6ce0703d1610fb0d9e1e10949bf7f65c93c5867
SHA256

dd3d5fe23c62b4fd62f9cbe759e291ab253d36b2a37c4715be8e2943f83f264a
SHA512

ad9b410aa3c1f8f73cbd77d8cb1699e6a07f272b59c4932ba37a3b5c0b3b5a734c70926562495b4d64a5acb652e2be3102fd5a85877b1d3d0e49e3c1389d1c69
SSDEEP

6144:3mn9qax+S4Re3PCR/Qumn9qax+S4Re3PCR/Q:3Mjxv+6CJQuMjxv+6CJQ

Score

10^/10

gh0strat rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

01d065070a809c92aed9e05e0b959f2f.exe

Resource

win7-20231215-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

01d065070a809c92aed9e05e0b959f2f.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  01d065070a809c92aed9e05e0b959f2f
- Size
  
  244KB
- MD5
  
  01d065070a809c92aed9e05e0b959f2f
- SHA1
  
  b6ce0703d1610fb0d9e1e10949bf7f65c93c5867
- SHA256
  
  dd3d5fe23c62b4fd62f9cbe759e291ab253d36b2a37c4715be8e2943f83f264a
- SHA512
  
  ad9b410aa3c1f8f73cbd77d8cb1699e6a07f272b59c4932ba37a3b5c0b3b5a734c70926562495b4d64a5acb652e2be3102fd5a85877b1d3d0e49e3c1389d1c69
- SSDEEP
  
  6144:3mn9qax+S4Re3PCR/Qumn9qax+S4Re3PCR/Q:3Mjxv+6CJQuMjxv+6CJQ
Score

10^/10

gh0strat rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy