Overview

overview

10

Static

static

10

3d2a4c8c29...a2.dll

windows7-x64

10

3d2a4c8c29...a2.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3d2a4c8c29d0724a45c253dc51b170dbe669d1d35dec68e948a61f2e074d49a2

  • Size

    51KB

  • Sample

    240525-ys5e5sha44

  • MD5

    c3018617a2780c74d511ca11095f7b0b

  • SHA1

    76c14c7f1e7c9c17d38bdedf7acff0bea6353ecf

  • SHA256

    3d2a4c8c29d0724a45c253dc51b170dbe669d1d35dec68e948a61f2e074d49a2

  • SHA512

    ab047bb7aeeb6560f0cf9ca07c674985637f3660532ecea03dcfbda8d705258f97b396390ab05ef0c89fe0ae32e27e586531cdc42d5c4c90dfa9bfac78641a2a

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLgJYH5:1dWubF3n9S91BF3fbocJYH5

Score
10/10
gh0stratrat

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      3d2a4c8c29d0724a45c253dc51b170dbe669d1d35dec68e948a61f2e074d49a2

    • Size

      51KB

    • MD5

      c3018617a2780c74d511ca11095f7b0b

    • SHA1

      76c14c7f1e7c9c17d38bdedf7acff0bea6353ecf

    • SHA256

      3d2a4c8c29d0724a45c253dc51b170dbe669d1d35dec68e948a61f2e074d49a2

    • SHA512

      ab047bb7aeeb6560f0cf9ca07c674985637f3660532ecea03dcfbda8d705258f97b396390ab05ef0c89fe0ae32e27e586531cdc42d5c4c90dfa9bfac78641a2a

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLgJYH5:1dWubF3n9S91BF3fbocJYH5

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks