Overview

overview

10

Static

static

10

7bda8e49bb...c0.exe

windows7-x64

10

7bda8e49bb...c0.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    7bda8e49bb86d513c45a2ae525045dc0

  • Size

    114KB

  • Sample

    240128-cdm2nahab5

  • MD5

    7bda8e49bb86d513c45a2ae525045dc0

  • SHA1

    1ad492c50bcb3cf8f667506157fe1df4380e9018

  • SHA256

    5423dd26a40dacfd4bec46efbe552356765c07bca38e923e0849b236b4423d69

  • SHA512

    1175c38c4727a2bca792ded0286b3bef22a51b2ad5467b7f00196d487e24e5c21e1198fa6a84bde875a9e28506036204eb751a5abef538a3448057c9ac4890b6

  • SSDEEP

    3072:sjHWdGVxibiFahBQizwucbXBIkR5wLG4:s/eb+Kk/bXBIkXwL

Score
10/10
gh0stratrat

Malware Config

Targets

    • Target

      7bda8e49bb86d513c45a2ae525045dc0

    • Size

      114KB

    • MD5

      7bda8e49bb86d513c45a2ae525045dc0

    • SHA1

      1ad492c50bcb3cf8f667506157fe1df4380e9018

    • SHA256

      5423dd26a40dacfd4bec46efbe552356765c07bca38e923e0849b236b4423d69

    • SHA512

      1175c38c4727a2bca792ded0286b3bef22a51b2ad5467b7f00196d487e24e5c21e1198fa6a84bde875a9e28506036204eb751a5abef538a3448057c9ac4890b6

    • SSDEEP

      3072:sjHWdGVxibiFahBQizwucbXBIkR5wLG4:s/eb+Kk/bXBIkXwL

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks