gh0strat | 3fe68833f73c1cfce6a37456240d21b8764a1782cee8673692d7da84c30397b5 | Triage

Submit
Reports

Overview

overview

Static

static

3fe68833f7...b5.dll

windows7-x64

3fe68833f7...b5.dll

windows10-2004-x64

Sharing

General

Target

3fe68833f73c1cfce6a37456240d21b8764a1782cee8673692d7da84c30397b5
Size

124KB
Sample

240811-zcn9naxajm
MD5

7ce6c95e165b66e323ce640e92bf54b3
SHA1

a622b0167e4dd6df63db682be219a2ea44ea9fc9
SHA256

3fe68833f73c1cfce6a37456240d21b8764a1782cee8673692d7da84c30397b5
SHA512

4b25df22b1482c2fa0ca4fdc2d7e211eced18e5111908e1401ef8c37bcd3aff0ee4d0f256d4b3997d586a7871a214a12f6f4d1c4bed133756bb6c97d4b1676ec
SSDEEP

3072:M0b+2WnFEL0YerUIj4zrdFxe3snj0mP9CfrHp8:1a2We0YerfirzxJnj0m1CfTp8

Score

10^/10

gh0strat discovery rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

3fe68833f73c1cfce6a37456240d21b8764a1782cee8673692d7da84c30397b5.dll

Resource

win7-20240704-en

gh0strat discovery rat

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

3fe68833f73c1cfce6a37456240d21b8764a1782cee8673692d7da84c30397b5.dll

Resource

win10v2004-20240802-en

gh0strat discovery rat

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  3fe68833f73c1cfce6a37456240d21b8764a1782cee8673692d7da84c30397b5
- Size
  
  124KB
- MD5
  
  7ce6c95e165b66e323ce640e92bf54b3
- SHA1
  
  a622b0167e4dd6df63db682be219a2ea44ea9fc9
- SHA256
  
  3fe68833f73c1cfce6a37456240d21b8764a1782cee8673692d7da84c30397b5
- SHA512
  
  4b25df22b1482c2fa0ca4fdc2d7e211eced18e5111908e1401ef8c37bcd3aff0ee4d0f256d4b3997d586a7871a214a12f6f4d1c4bed133756bb6c97d4b1676ec
- SSDEEP
  
  3072:M0b+2WnFEL0YerUIj4zrdFxe3snj0mP9CfrHp8:1a2We0YerfirzxJnj0m1CfTp8
Score

10^/10

gh0strat discovery rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gh0stratdiscoveryrat

behavioral2

gh0stratdiscoveryrat

© 2018-2025

Terms | Privacy