General

  • Target

    5f21709ec4e1cb72417062817ed0f537652f17d3a1331a5b705e36c088c59f60

  • Size

    899KB

  • Sample

    241001-zqhc9szfkq

  • MD5

    c790e461d5bce59c5ea81074263294f1

  • SHA1

    7aee12b8465b93bdbab8864958546483959d1f41

  • SHA256

    5f21709ec4e1cb72417062817ed0f537652f17d3a1331a5b705e36c088c59f60

  • SHA512

    711d79a05f27cd198d97d92e090cf2f570125ed31096fca7668bd3ef6f2fcecf6b809d4261feb369eae085e6d0d523915b3dd257c3c48bd8cef7c0692ca68445

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXN:7wqd87VN

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public, and it has been used by multiple Chinese groups.

MITRE ATT&CK Enterprise v15

Tasks