gh0strat | 65ed1a26e4779fec9ee9577f1634848833dc644e2ee71edeb18e2e33511bafa9 | Triage

Submit
Reports

Overview

overview

Static

static

017800f1ad...34.exe

windows7-x64

017800f1ad...34.exe

windows10-2004-x64

Sharing

General

Target

017800f1ad1184a9b2f876609ee3e734
Size

696KB
Sample

231229-xzst9ahdek
MD5

017800f1ad1184a9b2f876609ee3e734
SHA1

a725b46d1ce585d6f7a8f3e88143dfb0faf032cb
SHA256

65ed1a26e4779fec9ee9577f1634848833dc644e2ee71edeb18e2e33511bafa9
SHA512

e842bd687445415b959eeda62d808b3220566144628565e308e4f4cf2244f31f896c1d2b4579b2f820fee0597ceb799af82bd0af4b6fa2abbc4ed4be33673cbc
SSDEEP

12288:XDHRztUMSpCO0kBXYB7sYtT1RpQrL16q9ASkge/jP1uQz:TxzCrjti7sYTFQP9ASkL/jduQ

Score

10^/10

gh0strat rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

017800f1ad1184a9b2f876609ee3e734.exe

Resource

win7-20231215-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

017800f1ad1184a9b2f876609ee3e734.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  017800f1ad1184a9b2f876609ee3e734
- Size
  
  696KB
- MD5
  
  017800f1ad1184a9b2f876609ee3e734
- SHA1
  
  a725b46d1ce585d6f7a8f3e88143dfb0faf032cb
- SHA256
  
  65ed1a26e4779fec9ee9577f1634848833dc644e2ee71edeb18e2e33511bafa9
- SHA512
  
  e842bd687445415b959eeda62d808b3220566144628565e308e4f4cf2244f31f896c1d2b4579b2f820fee0597ceb799af82bd0af4b6fa2abbc4ed4be33673cbc
- SSDEEP
  
  12288:XDHRztUMSpCO0kBXYB7sYtT1RpQrL16q9ASkge/jP1uQz:TxzCrjti7sYTFQP9ASkL/jduQ
Score

10^/10

gh0strat rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy