General

  • Target

    0b77909d20e673eaf500e3e36252984bf551b88330e15e1cf8d7de88633cc5ee

  • Size

    174KB

  • Sample

    240429-pgalysaf7w

  • MD5

    417b18b44664339dcd8cbf40c04c95a5

  • SHA1

    465cb33467728d75cbaf994d10348b531a07b8df

  • SHA256

    0b77909d20e673eaf500e3e36252984bf551b88330e15e1cf8d7de88633cc5ee

  • SHA512

    93269775eb410215e13280e6df20d7e1bf86d15c192818c09dc8ae34b0556038b4a9d3d031c5fb1440aed7bd7909d7f806da862f9be011a70caa8d0f51690c89

  • SSDEEP

    3072:LUDBHy4BBy6eFJrmmIewRxM6JSQTqGd4Pwc3q:L0yB6oJrcRZQcqGywq

Score
10/10

Malware Config

Targets

    • Target

      0b77909d20e673eaf500e3e36252984bf551b88330e15e1cf8d7de88633cc5ee

    • Size

      174KB

    • MD5

      417b18b44664339dcd8cbf40c04c95a5

    • SHA1

      465cb33467728d75cbaf994d10348b531a07b8df

    • SHA256

      0b77909d20e673eaf500e3e36252984bf551b88330e15e1cf8d7de88633cc5ee

    • SHA512

      93269775eb410215e13280e6df20d7e1bf86d15c192818c09dc8ae34b0556038b4a9d3d031c5fb1440aed7bd7909d7f806da862f9be011a70caa8d0f51690c89

    • SSDEEP

      3072:LUDBHy4BBy6eFJrmmIewRxM6JSQTqGd4Pwc3q:L0yB6oJrcRZQcqGywq

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks