gh0strat

Sharing

Copy URL

Twitter E-mail

General

Target

fcfa69cbc689304e055d5705ed7692a1_JaffaCakes118
Size

101KB
Sample

240420-rxqn8abc8v
MD5

fcfa69cbc689304e055d5705ed7692a1
SHA1

983815092026b81b125e85e02c6e019ef6349ecc
SHA256

4ee20558b9da83776f563619de8002838d49b21412f40ff74391292c411a83a9
SHA512

51c0b2eb5bc1da32b3aa0b310df6d4f08e6a3e8b3f195ead6a9dc3011042a0c92f05c5163e99084488228ed05ca4f62f51b658f591269a42682be1c6ad6af33e
SSDEEP

3072:rwZ2QNI3VGVilUVjz764/9xjEEUQqbZuwI5RG:VVGg2x9tjUpZuwIrG

Score

10^/10

gh0strat rat

Malware Config

Targets

- Target
  
  fcfa69cbc689304e055d5705ed7692a1_JaffaCakes118
- Size
  
  101KB
- MD5
  
  fcfa69cbc689304e055d5705ed7692a1
- SHA1
  
  983815092026b81b125e85e02c6e019ef6349ecc
- SHA256
  
  4ee20558b9da83776f563619de8002838d49b21412f40ff74391292c411a83a9
- SHA512
  
  51c0b2eb5bc1da32b3aa0b310df6d4f08e6a3e8b3f195ead6a9dc3011042a0c92f05c5163e99084488228ed05ca4f62f51b658f591269a42682be1c6ad6af33e
- SSDEEP
  
  3072:rwZ2QNI3VGVilUVjz764/9xjEEUQqbZuwI5RG:VVGg2x9tjUpZuwIrG
Score

10^/10

gh0strat rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  CERTIFICATE
- Size
  
  101KB
- MD5
  
  fcfa69cbc689304e055d5705ed7692a1
- SHA1
  
  983815092026b81b125e85e02c6e019ef6349ecc
- SHA256
  
  4ee20558b9da83776f563619de8002838d49b21412f40ff74391292c411a83a9
- SHA512
  
  51c0b2eb5bc1da32b3aa0b310df6d4f08e6a3e8b3f195ead6a9dc3011042a0c92f05c5163e99084488228ed05ca4f62f51b658f591269a42682be1c6ad6af33e
- SSDEEP
  
  3072:rwZ2QNI3VGVilUVjz764/9xjEEUQqbZuwI5RG:VVGg2x9tjUpZuwIrG
Score

10^/10

gh0strat rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  CERTIFICATE
- Size
  
  101KB
- MD5
  
  fcfa69cbc689304e055d5705ed7692a1
- SHA1
  
  983815092026b81b125e85e02c6e019ef6349ecc
- SHA256
  
  4ee20558b9da83776f563619de8002838d49b21412f40ff74391292c411a83a9
- SHA512
  
  51c0b2eb5bc1da32b3aa0b310df6d4f08e6a3e8b3f195ead6a9dc3011042a0c92f05c5163e99084488228ed05ca4f62f51b658f591269a42682be1c6ad6af33e
- SSDEEP
  
  3072:rwZ2QNI3VGVilUVjz764/9xjEEUQqbZuwI5RG:VVGg2x9tjUpZuwIrG
Score

10^/10

gh0strat rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Loads dropped DLL
behavioral5 behavioral6
- Target
  
  CERTIFICATE
- Size
  
  101KB
- MD5
  
  fcfa69cbc689304e055d5705ed7692a1
- SHA1
  
  983815092026b81b125e85e02c6e019ef6349ecc
- SHA256
  
  4ee20558b9da83776f563619de8002838d49b21412f40ff74391292c411a83a9
- SHA512
  
  51c0b2eb5bc1da32b3aa0b310df6d4f08e6a3e8b3f195ead6a9dc3011042a0c92f05c5163e99084488228ed05ca4f62f51b658f591269a42682be1c6ad6af33e
- SSDEEP
  
  3072:rwZ2QNI3VGVilUVjz764/9xjEEUQqbZuwI5RG:VVGg2x9tjUpZuwIrG
Score

10^/10

gh0strat rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Loads dropped DLL
behavioral7 behavioral8
- Target
  
  CERTIFICATE
- Size
  
  101KB
- MD5
  
  fcfa69cbc689304e055d5705ed7692a1
- SHA1
  
  983815092026b81b125e85e02c6e019ef6349ecc
- SHA256
  
  4ee20558b9da83776f563619de8002838d49b21412f40ff74391292c411a83a9
- SHA512
  
  51c0b2eb5bc1da32b3aa0b310df6d4f08e6a3e8b3f195ead6a9dc3011042a0c92f05c5163e99084488228ed05ca4f62f51b658f591269a42682be1c6ad6af33e
- SSDEEP
  
  3072:rwZ2QNI3VGVilUVjz764/9xjEEUQqbZuwI5RG:VVGg2x9tjUpZuwIrG
Score

10^/10

gh0strat rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Loads dropped DLL
behavioral10 behavioral9
- Target
  
  CERTIFICATE
- Size
  
  101KB
- MD5
  
  fcfa69cbc689304e055d5705ed7692a1
- SHA1
  
  983815092026b81b125e85e02c6e019ef6349ecc
- SHA256
  
  4ee20558b9da83776f563619de8002838d49b21412f40ff74391292c411a83a9
- SHA512
  
  51c0b2eb5bc1da32b3aa0b310df6d4f08e6a3e8b3f195ead6a9dc3011042a0c92f05c5163e99084488228ed05ca4f62f51b658f591269a42682be1c6ad6af33e
- SSDEEP
  
  3072:rwZ2QNI3VGVilUVjz764/9xjEEUQqbZuwI5RG:VVGg2x9tjUpZuwIrG
Score

10^/10

gh0strat rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Loads dropped DLL
behavioral11 behavioral12
- Target
  
  CERTIFICATE
- Size
  
  101KB
- MD5
  
  fcfa69cbc689304e055d5705ed7692a1
- SHA1
  
  983815092026b81b125e85e02c6e019ef6349ecc
- SHA256
  
  4ee20558b9da83776f563619de8002838d49b21412f40ff74391292c411a83a9
- SHA512
  
  51c0b2eb5bc1da32b3aa0b310df6d4f08e6a3e8b3f195ead6a9dc3011042a0c92f05c5163e99084488228ed05ca4f62f51b658f591269a42682be1c6ad6af33e
- SSDEEP
  
  3072:rwZ2QNI3VGVilUVjz764/9xjEEUQqbZuwI5RG:VVGg2x9tjUpZuwIrG
Score

10^/10

gh0strat rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Loads dropped DLL
behavioral13 behavioral14
- Target
  
  CERTIFICATE
- Size
  
  101KB
- MD5
  
  fcfa69cbc689304e055d5705ed7692a1
- SHA1
  
  983815092026b81b125e85e02c6e019ef6349ecc
- SHA256
  
  4ee20558b9da83776f563619de8002838d49b21412f40ff74391292c411a83a9
- SHA512
  
  51c0b2eb5bc1da32b3aa0b310df6d4f08e6a3e8b3f195ead6a9dc3011042a0c92f05c5163e99084488228ed05ca4f62f51b658f591269a42682be1c6ad6af33e
- SSDEEP
  
  3072:rwZ2QNI3VGVilUVjz764/9xjEEUQqbZuwI5RG:VVGg2x9tjUpZuwIrG
Score

10^/10

gh0strat rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Loads dropped DLL
behavioral15 behavioral16
- Target
  
  CERTIFICATE
- Size
  
  101KB
- MD5
  
  fcfa69cbc689304e055d5705ed7692a1
- SHA1
  
  983815092026b81b125e85e02c6e019ef6349ecc
- SHA256
  
  4ee20558b9da83776f563619de8002838d49b21412f40ff74391292c411a83a9
- SHA512
  
  51c0b2eb5bc1da32b3aa0b310df6d4f08e6a3e8b3f195ead6a9dc3011042a0c92f05c5163e99084488228ed05ca4f62f51b658f591269a42682be1c6ad6af33e
- SSDEEP
  
  3072:rwZ2QNI3VGVilUVjz764/9xjEEUQqbZuwI5RG:VVGg2x9tjUpZuwIrG
Score

10^/10

gh0strat rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Loads dropped DLL
behavioral17 behavioral18
- Target
  
  CERTIFICATE
- Size
  
  101KB
- MD5
  
  fcfa69cbc689304e055d5705ed7692a1
- SHA1
  
  983815092026b81b125e85e02c6e019ef6349ecc
- SHA256
  
  4ee20558b9da83776f563619de8002838d49b21412f40ff74391292c411a83a9
- SHA512
  
  51c0b2eb5bc1da32b3aa0b310df6d4f08e6a3e8b3f195ead6a9dc3011042a0c92f05c5163e99084488228ed05ca4f62f51b658f591269a42682be1c6ad6af33e
- SSDEEP
  
  3072:rwZ2QNI3VGVilUVjz764/9xjEEUQqbZuwI5RG:VVGg2x9tjUpZuwIrG
Score

10^/10

gh0strat rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Loads dropped DLL
behavioral19 behavioral20

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Gh0st RAT payload

Loads dropped DLL

Gh0st RAT payload

Gh0strat

Loads dropped DLL

Gh0st RAT payload

Gh0strat

Loads dropped DLL

Gh0st RAT payload

Gh0strat

Loads dropped DLL

Gh0st RAT payload

Gh0strat

Loads dropped DLL

Gh0st RAT payload

Gh0strat

Loads dropped DLL

Gh0st RAT payload

Gh0strat

Loads dropped DLL

Gh0st RAT payload

Gh0strat

Loads dropped DLL

Gh0st RAT payload

Gh0strat

Loads dropped DLL

Gh0st RAT payload

Gh0strat

Loads dropped DLL

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20