Overview

overview

10

Static

static

3

48124848ec...86.exe

windows7-x64

10

48124848ec...86.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    48124848ecd7e30dc64c718f913a6e86

  • Size

    258KB

  • Sample

    240107-fekjpsfha3

  • MD5

    48124848ecd7e30dc64c718f913a6e86

  • SHA1

    a398457dc61cb2ad5fdb2b4f1933e73422b58ffb

  • SHA256

    b96293992978f3a0541fa0f11250c97155c231572e0a5513b92bdf68492b31bc

  • SHA512

    10e2d310ed1614113eccda47a730d6ebd32965267f05d8a64253f82e9133d34b248cafb9e549735851c6fda134951fbc0471feab01b3fb3ceaffb364209b5324

  • SSDEEP

    3072:yiLOgD6dmQzpDz+HZ87K02vdCfEgl3Epih/r4vsCLP3mqDhbXflRkp65kLWOjt:UgeRdn+HZL02vIMGEyeAo502kLWOj

Score
10/10
gh0stratpersistencerat

Malware Config

Targets

    • Target

      48124848ecd7e30dc64c718f913a6e86

    • Size

      258KB

    • MD5

      48124848ecd7e30dc64c718f913a6e86

    • SHA1

      a398457dc61cb2ad5fdb2b4f1933e73422b58ffb

    • SHA256

      b96293992978f3a0541fa0f11250c97155c231572e0a5513b92bdf68492b31bc

    • SHA512

      10e2d310ed1614113eccda47a730d6ebd32965267f05d8a64253f82e9133d34b248cafb9e549735851c6fda134951fbc0471feab01b3fb3ceaffb364209b5324

    • SSDEEP

      3072:yiLOgD6dmQzpDz+HZ87K02vdCfEgl3Epih/r4vsCLP3mqDhbXflRkp65kLWOjt:UgeRdn+HZL02vIMGEyeAo502kLWOj

    Score
    10/10
    gh0stratpersistencerat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Modifies Installed Components in the registry

      persistence

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks