Overview

overview

10

Static

static

10

5bd205412b...03.dll

windows7-x64

10

5bd205412b...03.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5bd205412bb26a8e55888e4f0422dcb4c81bba2f8071dfac80bf393b46c34a03

  • Size

    899KB

  • Sample

    240525-wz7gzadc9x

  • MD5

    86d11637faac87826daef93105add401

  • SHA1

    920fe4bd3156c2772fe360abc9b41f09f5ca4274

  • SHA256

    5bd205412bb26a8e55888e4f0422dcb4c81bba2f8071dfac80bf393b46c34a03

  • SHA512

    51a0b0fc62ea98bb402967a4d0dafb4aebc77d9b2f5c06adc87dd325f8c2e567854be8227178d011b441e7d3e89b4727a86068f24d6b64508b41bde37e38917c

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXM:7wqd87VM

Score
10/10
gh0stratrat

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      5bd205412bb26a8e55888e4f0422dcb4c81bba2f8071dfac80bf393b46c34a03

    • Size

      899KB

    • MD5

      86d11637faac87826daef93105add401

    • SHA1

      920fe4bd3156c2772fe360abc9b41f09f5ca4274

    • SHA256

      5bd205412bb26a8e55888e4f0422dcb4c81bba2f8071dfac80bf393b46c34a03

    • SHA512

      51a0b0fc62ea98bb402967a4d0dafb4aebc77d9b2f5c06adc87dd325f8c2e567854be8227178d011b441e7d3e89b4727a86068f24d6b64508b41bde37e38917c

    • SSDEEP

      24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXM:7wqd87VM

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks