gh0strat | dc5276f9a2104735b9fe9882ca6edf9d449c0794238bcf697aee3d6a1f8145fd | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

3aeb38c97f...18.dll

windows7-x64

3aeb38c97f...18.dll

windows10-2004-x64

Sharing

General

Target

3aeb38c97f8ee82f3053b54e4b1ac7db_JaffaCakes118
Size

114KB
Sample

241012-tmgdxatcjr
MD5

3aeb38c97f8ee82f3053b54e4b1ac7db
SHA1

ddc41bc689b0ccd1fc35fbda354ed54437662bb2
SHA256

dc5276f9a2104735b9fe9882ca6edf9d449c0794238bcf697aee3d6a1f8145fd
SHA512

9677945293a1b22af95fc691c5b8f5c299b53278c563eb8f8673e07c1b0c1554656519ab1bbd6d2f448f1380f3fc25b45df8f8f63a4751c7699ee4339d6be8d5
SSDEEP

1536:FU8b3bgF8efng8G8S+/NTsFKXtBuPuKNT8qlabOQIWtGwQJx8KHwF4eqqQ:rcF8efg8JNjziu+6bOdaJOQa

Score

10^/10

gh0strat discovery rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3aeb38c97f8ee82f3053b54e4b1ac7db_JaffaCakes118.dll

Resource

win7-20240903-en

gh0strat discovery rat

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

3aeb38c97f8ee82f3053b54e4b1ac7db_JaffaCakes118.dll

Resource

win10v2004-20241007-en

gh0strat discovery rat

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  3aeb38c97f8ee82f3053b54e4b1ac7db_JaffaCakes118
- Size
  
  114KB
- MD5
  
  3aeb38c97f8ee82f3053b54e4b1ac7db
- SHA1
  
  ddc41bc689b0ccd1fc35fbda354ed54437662bb2
- SHA256
  
  dc5276f9a2104735b9fe9882ca6edf9d449c0794238bcf697aee3d6a1f8145fd
- SHA512
  
  9677945293a1b22af95fc691c5b8f5c299b53278c563eb8f8673e07c1b0c1554656519ab1bbd6d2f448f1380f3fc25b45df8f8f63a4751c7699ee4339d6be8d5
- SSDEEP
  
  1536:FU8b3bgF8efng8G8S+/NTsFKXtBuPuKNT8qlabOQIWtGwQJx8KHwF4eqqQ:rcF8efg8JNjziu+6bOdaJOQa
Score

10^/10

gh0strat discovery rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gh0stratdiscoveryrat

behavioral2

gh0stratdiscoveryrat

© 2018-2025

Terms | Privacy