gh0strat | 33cc6579e985579c178ab77c2429497c5bb0c1e2b83f46bba41aa8733fa70f36 | Triage

Submit
Reports

Overview

overview

Static

static

7

b5cbedf231...18.exe

windows7-x64

b5cbedf231...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

b5cbedf2313fc23428906798370c17ed_JaffaCakes118
Size

85KB
Sample

240822-bplsas1cmh
MD5

b5cbedf2313fc23428906798370c17ed
SHA1

078845f15333cb9731597b1d2f1c27bfcd0b4297
SHA256

33cc6579e985579c178ab77c2429497c5bb0c1e2b83f46bba41aa8733fa70f36
SHA512

daec1b49e6fc6e2f0774d8ce73a1c60fd17733eaba2438832fcc5802a92b7c382528a05a38bd9f98a31c4af92fbcb00c2801c0415db5e47dd22adf8255df904e
SSDEEP

1536:iJYrCTD6ywHX/vpMKaz5+DzK9zkuMomGyy5j1ZeyY43X9kPE5FZtHR:sY+TuywHPvpi/ww1+ytIE5FZtHR

Score

10^/10

gh0strat discovery rat upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

b5cbedf2313fc23428906798370c17ed_JaffaCakes118.exe

Resource

win7-20240704-en

gh0strat discovery rat upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

b5cbedf2313fc23428906798370c17ed_JaffaCakes118.exe

Resource

win10v2004-20240802-en

gh0strat discovery rat upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  b5cbedf2313fc23428906798370c17ed_JaffaCakes118
- Size
  
  85KB
- MD5
  
  b5cbedf2313fc23428906798370c17ed
- SHA1
  
  078845f15333cb9731597b1d2f1c27bfcd0b4297
- SHA256
  
  33cc6579e985579c178ab77c2429497c5bb0c1e2b83f46bba41aa8733fa70f36
- SHA512
  
  daec1b49e6fc6e2f0774d8ce73a1c60fd17733eaba2438832fcc5802a92b7c382528a05a38bd9f98a31c4af92fbcb00c2801c0415db5e47dd22adf8255df904e
- SSDEEP
  
  1536:iJYrCTD6ywHX/vpMKaz5+DzK9zkuMomGyy5j1ZeyY43X9kPE5FZtHR:sY+TuywHPvpi/ww1+ytIE5FZtHR
Score

10^/10

gh0strat discovery rat upx
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gh0stratdiscoveryratupx

behavioral2

gh0stratdiscoveryratupx

© 2018-2025

Terms | Privacy