gh0strat | 89ef5b9c64cf964294abc8f3f84f0b9fc021fc17e50c5e337f728202e4f3101d | Triage

Submit
Reports

Overview

overview

Static

static

3

68c59d91ce...18.dll

windows7-x64

68c59d91ce...18.dll

windows10-2004-x64

Sharing

General

Target

68c59d91ce2dfcf5eeb128f4da3692b1_JaffaCakes118
Size

56KB
Sample

240723-y2tp1awelj
MD5

68c59d91ce2dfcf5eeb128f4da3692b1
SHA1

cf8a646df55f8953f697fbd4d6524f505b7a802c
SHA256

89ef5b9c64cf964294abc8f3f84f0b9fc021fc17e50c5e337f728202e4f3101d
SHA512

a439f8b69bc0206d611cea90cddc971628d65c898dde4f8031c840cf12a4197e158049e391cc9bb0dfb7ed12a85d9d90ead7b502a959f33196e0858dc7ce0a60
SSDEEP

768:u74XSDgbahXrerQvaONvqm87WRmrQ1JaGaeb9fME7MhHrGpJByuXw0+d8wKpqCa5:yXr9aONP87imrya9eRnMyrXj+dqpF83

Score

10^/10

gh0strat discovery rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

68c59d91ce2dfcf5eeb128f4da3692b1_JaffaCakes118.dll

Resource

win7-20240708-en

gh0strat discovery rat

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

68c59d91ce2dfcf5eeb128f4da3692b1_JaffaCakes118.dll

Resource

win10v2004-20240709-en

gh0strat discovery rat

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  68c59d91ce2dfcf5eeb128f4da3692b1_JaffaCakes118
- Size
  
  56KB
- MD5
  
  68c59d91ce2dfcf5eeb128f4da3692b1
- SHA1
  
  cf8a646df55f8953f697fbd4d6524f505b7a802c
- SHA256
  
  89ef5b9c64cf964294abc8f3f84f0b9fc021fc17e50c5e337f728202e4f3101d
- SHA512
  
  a439f8b69bc0206d611cea90cddc971628d65c898dde4f8031c840cf12a4197e158049e391cc9bb0dfb7ed12a85d9d90ead7b502a959f33196e0858dc7ce0a60
- SSDEEP
  
  768:u74XSDgbahXrerQvaONvqm87WRmrQ1JaGaeb9fME7MhHrGpJByuXw0+d8wKpqCa5:yXr9aONP87imrya9eRnMyrXj+dqpF83
Score

10^/10

gh0strat discovery rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gh0stratdiscoveryrat

behavioral2

gh0stratdiscoveryrat

© 2018-2025

Terms | Privacy