General

  • Target

    b64fc47abc6b54d83e8bf471574a56ed

  • Size

    138KB

  • Sample

    240306-c8nlnsae39

  • MD5

    b64fc47abc6b54d83e8bf471574a56ed

  • SHA1

    c1b5991b8683fff43de3e08762a1af643db63977

  • SHA256

    e666c4a8156cfaeae629746714e32d22a77669fd1ea0d37fc2220ce168bca41a

  • SHA512

    5f7349517be3b53f38236fcde2f08c7e14d566e6c53116bfd1406ded66d98040c5d9584306f12029d0e2a3d6ebf31b1d45f5230bd29a08b6b82ecec7b1abc24e

  • SSDEEP

    3072:CwZSQpKa3VGVnpUlCz764/9xpEEBqbZuwl5iGHTqovq:JJVGpxx9b3wZuwl4GHTqo

Score
10/10

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Loads dropped DLL
