General

  • Target

    7a2480e2b9dda4bd4a8b63d633fd05ed

  • Size

    196KB

  • Sample

    240127-nslmxsbdc6

  • MD5

    7a2480e2b9dda4bd4a8b63d633fd05ed

  • SHA1

    509ab04dcb2b3785bd9579dfd4380aa56c1a106d

  • SHA256

    31d3bdb8c4e66a3caae247c80082484398cc8bc21849fd7ee836cde6d8a19356

  • SHA512

    61855d9a0b5b42c7dda5ba03a6635308fbe108f7f61205e3c0ff30a51081c0cb17393562ef243d399ce21d07d53743ee421ec926d2254832e20b56076789ddb5

  • SSDEEP

    3072:n1Y8t7VChoFw4gbA/zftSF97RdPcurK77S3YcI:hChcYLRBNK77SU

Score
10/10

Targets

    • Target

      7a2480e2b9dda4bd4a8b63d633fd05ed

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Executes dropped EXE

    • Loads dropped DLL
