General

  • Target

    f51dfb0cbe27aa19075a50c5a569b39fe4abfd1fca7d83b95b9cdaecf6b8ee4b

  • Size

    147KB

  • Sample

    240604-pr4b1sgb3v

  • MD5

    06e4b4093615c25e6ef63a0bc3f01521

  • SHA1

    d72377e785ff095f3824dc48d5f3bbb19199df3b

  • SHA256

    f51dfb0cbe27aa19075a50c5a569b39fe4abfd1fca7d83b95b9cdaecf6b8ee4b

  • SHA512

    3130089a764af44aab4f1b29c47fc2dbe4f27b4f25e70280d39f21ffb9f20bcef915f77f285fb7dd443069618c9fa98a775e1f6147025a639039e8f21fbb6dc7

  • SSDEEP

    3072:ohPm77B1ZDwB76mVlZmFRqGd4PwcwMG5vY:kWd1ZDg7HqRqGywR5vY

Score
10/10

Targets

    • Target

      f51dfb0cbe27aa19075a50c5a569b39fe4abfd1fca7d83b95b9cdaecf6b8ee4b

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Suspicious use of SetThreadContext
