Overview

overview

10

Static

static

10

4b4a9f1e9f...6d.dll

windows7-x64

10

4b4a9f1e9f...6d.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4b4a9f1e9f1e202d5ff5a5f58d2177b136c63e87cfd504fb028b81fafac4fa6d

  • Size

    899KB

  • Sample

    240525-ykhleage92

  • MD5

    af48693c1299902e0d9ee4ac6cb16a99

  • SHA1

    4a7dff17149d74f6a589d522ad8b233cf367d054

  • SHA256

    4b4a9f1e9f1e202d5ff5a5f58d2177b136c63e87cfd504fb028b81fafac4fa6d

  • SHA512

    3d4bb91c289d6bed402a15dcbd3c859b618a499b90ef1f9e1c5993b2cc1652debc87ba06ffb0bf2c01fdaa49382a2c4919ca6f87d3f3ff07a009b30ba5b177a2

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXj:7wqd87Vj

Score
10/10
gh0stratrat

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      4b4a9f1e9f1e202d5ff5a5f58d2177b136c63e87cfd504fb028b81fafac4fa6d

    • Size

      899KB

    • MD5

      af48693c1299902e0d9ee4ac6cb16a99

    • SHA1

      4a7dff17149d74f6a589d522ad8b233cf367d054

    • SHA256

      4b4a9f1e9f1e202d5ff5a5f58d2177b136c63e87cfd504fb028b81fafac4fa6d

    • SHA512

      3d4bb91c289d6bed402a15dcbd3c859b618a499b90ef1f9e1c5993b2cc1652debc87ba06ffb0bf2c01fdaa49382a2c4919ca6f87d3f3ff07a009b30ba5b177a2

    • SSDEEP

      24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXj:7wqd87Vj

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks