General

  • Target

    d10b862fd7164376b0318b89d15a5d974997ac41e1dbb3361242ceb5d29d0ba1

  • Size

    899KB

  • Sample

    240526-gljreshh79

  • MD5

    425a088bb2cc9c441032cff4e0fa7591

  • SHA1

    cd30eaefd1de171bb6a3a3011a9d3af01b3e877c

  • SHA256

    d10b862fd7164376b0318b89d15a5d974997ac41e1dbb3361242ceb5d29d0ba1

  • SHA512

    086745bcffb4f2137b5c3677c3f78fe76cd768338946e5108db638fe2c849b17bbb3fd5483dfd86b6cff56bc52b8845e4c6d7405a47717a7dc29e5396708a0bc

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXZ:7wqd87VZ

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
