Overview

overview

10

Static

static

10

4839a8c107...90.dll

windows7-x64

10

4839a8c107...90.dll

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    4839a8c1073f3ceb84287b5540e2ef82311907106ab10bad2bf42416642f1690

  • Size

    51KB

  • Sample

    240612-hh2y9staqe

  • MD5

    49f994f08bab8431830d7889a6446f1c

  • SHA1

    84a492e1f5387e4d66e25966d4d78c53906eb0cb

  • SHA256

    4839a8c1073f3ceb84287b5540e2ef82311907106ab10bad2bf42416642f1690

  • SHA512

    54c1b0f43aae83b7cd43cde8fb2849461d976f2cad898306fd876fd06e051a7514b8f98e6b924c08aec5419c2060c03f9437aa9e4c0eddb5b823cccfcf0b938e

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLkJYH5:1dWubF3n9S91BF3fboYJYH5

Score
10/10
gh0stratrat

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      4839a8c1073f3ceb84287b5540e2ef82311907106ab10bad2bf42416642f1690

    • Size

      51KB

    • MD5

      49f994f08bab8431830d7889a6446f1c

    • SHA1

      84a492e1f5387e4d66e25966d4d78c53906eb0cb

    • SHA256

      4839a8c1073f3ceb84287b5540e2ef82311907106ab10bad2bf42416642f1690

    • SHA512

      54c1b0f43aae83b7cd43cde8fb2849461d976f2cad898306fd876fd06e051a7514b8f98e6b924c08aec5419c2060c03f9437aa9e4c0eddb5b823cccfcf0b938e

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLkJYH5:1dWubF3n9S91BF3fboYJYH5

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks