General

  • Target

    09d3f0f050f31badbd8bf62b5011f4b0

  • Size

    100KB

  • Sample

    231230-bnx4yabeg9

  • MD5

    09d3f0f050f31badbd8bf62b5011f4b0

  • SHA1

    ad42bf7ef03183dd81e57ce8cd9ebe3f4ee51fba

  • SHA256

    5aed908d395713669be6212e15714d5d74b8eb3c4550fa2c5fbb1ce5823f0fae

  • SHA512

    d440f96d9529571e4f5f7d1f594b88c82fdb09dd02bf9ef66d876a1541df68dd49a5dcc3f965bc12481e3729bde220d6d1d3e5f6761baa932973a6808b794491

  • SSDEEP

    3072:iVOMX+J+P3iWziVFsQvVQMEqSrNdaeCkCZiqgXa:iVOMX/viWziHxvVmHNofZZiqgK

Score
10/10

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Loads dropped DLL
