gh0strat | 431800e6c21a6070242ebfb10338b416b4a4335c0850e97619c2027801790261 | Triage

Submit
Reports

Overview

overview

Static

static

ad6b6612f0...18.dll

windows7-x64

ad6b6612f0...18.dll

windows10-2004-x64

Sharing

General

Target

ad6b6612f0fe5bfa44acff9cc2c71991_JaffaCakes118
Size

104KB
Sample

240820-b5ezpa1eqr
MD5

ad6b6612f0fe5bfa44acff9cc2c71991
SHA1

c83cc3358e4add667f1b15caae211d3f3ad17861
SHA256

431800e6c21a6070242ebfb10338b416b4a4335c0850e97619c2027801790261
SHA512

ef7166f7fe52fabcdbcda10fadcb002870a6eb1af357a1934b91976ec4242be442e8af0a49c9d28aa67ef0f9b18974717f1444cfc273b668e9a10d8530389f04
SSDEEP

1536:6uWcWaL0kl9OI22e6/uMq3aF614jJyVcywtfzSKddeI+GBEmB:PWvaL0U9YTMqqFJyVVwVzSKaI+GBE

Score

10^/10

gh0strat discovery rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

ad6b6612f0fe5bfa44acff9cc2c71991_JaffaCakes118.dll

Resource

win7-20240708-en

gh0strat discovery rat

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

ad6b6612f0fe5bfa44acff9cc2c71991_JaffaCakes118.dll

Resource

win10v2004-20240802-en

gh0strat discovery rat

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  ad6b6612f0fe5bfa44acff9cc2c71991_JaffaCakes118
- Size
  
  104KB
- MD5
  
  ad6b6612f0fe5bfa44acff9cc2c71991
- SHA1
  
  c83cc3358e4add667f1b15caae211d3f3ad17861
- SHA256
  
  431800e6c21a6070242ebfb10338b416b4a4335c0850e97619c2027801790261
- SHA512
  
  ef7166f7fe52fabcdbcda10fadcb002870a6eb1af357a1934b91976ec4242be442e8af0a49c9d28aa67ef0f9b18974717f1444cfc273b668e9a10d8530389f04
- SSDEEP
  
  1536:6uWcWaL0kl9OI22e6/uMq3aF614jJyVcywtfzSKddeI+GBEmB:PWvaL0U9YTMqqFJyVVwVzSKaI+GBE
Score

10^/10

gh0strat discovery rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gh0stratdiscoveryrat

behavioral2

gh0stratdiscoveryrat

© 2018-2025

Terms | Privacy