General

  • Target

    2024-09-09_49b3b6d339e721b9a399bccf6279cd3c_magniber

  • Size

    4.8MB

  • Sample

    240909-a9drraweqa

  • MD5

    49b3b6d339e721b9a399bccf6279cd3c

  • SHA1

    50f60ac980af9988cc1c60ab779cfec8276269ae

  • SHA256

    e134b28e666e9df23c1762511155dc0bdc46295cf763d4d49a149f59a4731b4d

  • SHA512

    a2c954784643f15441f0add98b1f28d0b4a3bf46d8dc3bad42828766bf728ab405930702c5fc5a3cea539dd274f9cb207c138d9b6ec80c25d929a1a7124ed1d2

  • SSDEEP

    49152:2FBzpD700KVwh3TA0PCUuz73aknXKK7vZI7aV8iJdozEL3BasSh87YYMTcBF6nRZ:2K7wtABUuz73amL8Ad8QB2RMhJsso

Targets

    • Target

      2024-09-09_49b3b6d339e721b9a399bccf6279cd3c_magniber

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Adds Run key to start application
