General

  • Target

    ad8434e1c1ce4be76745cbcb0137b296

  • Size

    104KB

  • Sample

    240229-df88cabg5y

  • MD5

    ad8434e1c1ce4be76745cbcb0137b296

  • SHA1

    442c294e329031034ab6381f292bc86ce863931d

  • SHA256

    02b0f82a57a5cf55bfafb0b4cc2449f49a4c3e70021ebb767e819d486e759ca2

  • SHA512

    12a01be6518b9c63d23d56b757e70ec3686fb1aad2e61a5f730e39350c103b0697e25514c58c505cc789c8d106d73da9e47ca002d81c8087f4e309b541a3517a

  • SSDEEP

    3072:usQ8CgnMnFr+vnvlefNs1cuzkQ1l8FcZ:1Qt1Fr+vvGNonzkElk

Score
10/10

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Deletes itself

    • Loads dropped DLL
