General
-
Target
0b1a8793ffb0b9e0b22f25de298c1891
-
Size
930KB
-
Sample
231230-cj4atsggbm
-
MD5
0b1a8793ffb0b9e0b22f25de298c1891
-
SHA1
0a99fcf2aa25b2295757fd6fa9adbf4083f39432
-
SHA256
7fb94bfb62fc34b01b1a89b7c9bc4c2d54db3f480abbee6ed31736f43991f9c2
-
SHA512
ce77f70162c74054b9cd2d33cf978263aab8326a34cde7c5252bd89fbf773fc64e299454bbcdd104754b6d04c6fedc123383e64c92575924d8244e1958f264ac
-
SSDEEP
6144:QGzRxSVtp0l6whGfsKR+zkBpTaa5tJHXhHANUTNqm6nJl3/2nJl3/H:jt0VPFfsKAkrbPlXhHANUTNqm/
Malware Config
Targets
-
-
Target
0b1a8793ffb0b9e0b22f25de298c1891
-
Size
930KB
-
MD5
0b1a8793ffb0b9e0b22f25de298c1891
-
SHA1
0a99fcf2aa25b2295757fd6fa9adbf4083f39432
-
SHA256
7fb94bfb62fc34b01b1a89b7c9bc4c2d54db3f480abbee6ed31736f43991f9c2
-
SHA512
ce77f70162c74054b9cd2d33cf978263aab8326a34cde7c5252bd89fbf773fc64e299454bbcdd104754b6d04c6fedc123383e64c92575924d8244e1958f264ac
-
SSDEEP
6144:QGzRxSVtp0l6whGfsKR+zkBpTaa5tJHXhHANUTNqm6nJl3/2nJl3/H:jt0VPFfsKAkrbPlXhHANUTNqm/
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-