Overview

overview

10

Static

static

10

684015ecfd...ed.dll

windows7-x64

10

684015ecfd...ed.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    684015ecfd824195870527185b547abe3deb2034ba7fd17ffe33fb38332061ed

  • Size

    51KB

  • Sample

    240525-v7ge3sca8z

  • MD5

    ba3a25ba979d99896a4d648570ff1b2d

  • SHA1

    50bfdec3abd114b66e00d54c380e22a9e1cbb38d

  • SHA256

    684015ecfd824195870527185b547abe3deb2034ba7fd17ffe33fb38332061ed

  • SHA512

    3a6c55cef75ec7fb57cdf69605c14987fb546f5cc97169142b5317e361207571a60d5414a1c68a72627f8be1100d0240bc890798a43c988ebb691c4dd0af13bc

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLwJYH5:1dWubF3n9S91BF3fboUJYH5

Score
10/10
gh0stratrat

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      684015ecfd824195870527185b547abe3deb2034ba7fd17ffe33fb38332061ed

    • Size

      51KB

    • MD5

      ba3a25ba979d99896a4d648570ff1b2d

    • SHA1

      50bfdec3abd114b66e00d54c380e22a9e1cbb38d

    • SHA256

      684015ecfd824195870527185b547abe3deb2034ba7fd17ffe33fb38332061ed

    • SHA512

      3a6c55cef75ec7fb57cdf69605c14987fb546f5cc97169142b5317e361207571a60d5414a1c68a72627f8be1100d0240bc890798a43c988ebb691c4dd0af13bc

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLwJYH5:1dWubF3n9S91BF3fboUJYH5

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks