General

  • Target

    ad294f80e2fa83b387cdab790e9e5ec5.exe

  • Size

    999KB

  • Sample

    240107-x11aqaccdl

  • MD5

    ad294f80e2fa83b387cdab790e9e5ec5

  • SHA1

    0db909dd88ef72d6d5d73853059d78162eda595a

  • SHA256

    49fca738a1bfea24669f8408a91e89d5880febc89feaa3fa8d4f20cd943c8d3e

  • SHA512

    955e5e3bb0fd9f821cbe5f0646d4bad54ea0ec3f1d925f806c43fbc5689e6a86797b4fe5211da9dec64b7c0a843860d2a8518abc277bf74eb2737d599cf13af8

  • SSDEEP

    12288:Us6d9PDMzmT7L71/hITHp3sZOFZ3iOQYtetkVpvReYBx6KKzyxLQQbC4ub6:Ud9PDMzY1hITcgZ9QY9VpvReYBQoFe6

Score
10/10

Targets

    • Target

      ad294f80e2fa83b387cdab790e9e5ec5.exe

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Uses the VBS compiler for execution
