General

  • Target

    b0798bd2f956662a1ecf7631613daa8bbc22842e8fb6a6146fbb69d209bf6519

  • Size

    1.2MB

  • Sample

    241109-1gq5gsvrgq

  • MD5

    623c866bb3e90d58c4155cde1eca7f9d

  • SHA1

    c5ecd3506c20aaf2be1347de323f84edfa6a3c7c

  • SHA256

    b0798bd2f956662a1ecf7631613daa8bbc22842e8fb6a6146fbb69d209bf6519

  • SHA512

    8e00ddeef29fe77ab37a5732911166cdcd675347823bc06e95ee4327354d27f9b3819f1449952e04ec969af741cf1cf351fad84981c4cd660895d7e8537c0b1b

  • SSDEEP

    24576:N8ig6TcB+LoqSZQRbw+NAybxJFClvn6IIYMflJZsQ:Ciy+LoqGQRbCIIPMflJ

Score
10/10

Malware Config

Targets

    • Target

      b0798bd2f956662a1ecf7631613daa8bbc22842e8fb6a6146fbb69d209bf6519

    • Size

      1.2MB

    • MD5

      623c866bb3e90d58c4155cde1eca7f9d

    • SHA1

      c5ecd3506c20aaf2be1347de323f84edfa6a3c7c

    • SHA256

      b0798bd2f956662a1ecf7631613daa8bbc22842e8fb6a6146fbb69d209bf6519

    • SHA512

      8e00ddeef29fe77ab37a5732911166cdcd675347823bc06e95ee4327354d27f9b3819f1449952e04ec969af741cf1cf351fad84981c4cd660895d7e8537c0b1b

    • SSDEEP

      24576:N8ig6TcB+LoqSZQRbw+NAybxJFClvn6IIYMflJZsQ:Ciy+LoqGQRbCIIPMflJ

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Gh0strat family

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks