gh0strat | 63224d27a24571a04a6141f8f565d52a90038fcb79c8d0b4031d96cd01652a87 | Triage

Submit
Reports

Overview

overview

Static

static

63224d27a2...87.dll

windows7-x64

63224d27a2...87.dll

windows10-2004-x64

Sharing

General

Target

63224d27a24571a04a6141f8f565d52a90038fcb79c8d0b4031d96cd01652a87
Size

899KB
Sample

241110-1v9hzswgmc
MD5

9ce65026cbd9ff86df0e7f75439cf452
SHA1

cb0ea3993020484b702ef388697f9596285aecdc
SHA256

63224d27a24571a04a6141f8f565d52a90038fcb79c8d0b4031d96cd01652a87
SHA512

ac80fc06ae67e0a2c19652ae9dc3e74219477de3eed9c7a0ba980bc38446b610842a66c704de4db7f9bca302b38eba0058fe749546d5ff0a234d2c051af40ccf
SSDEEP

24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXw:7wqd87Vw

Score

10^/10

gh0strat discovery rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

63224d27a24571a04a6141f8f565d52a90038fcb79c8d0b4031d96cd01652a87.dll

Resource

win7-20240903-en

gh0strat discovery rat

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

63224d27a24571a04a6141f8f565d52a90038fcb79c8d0b4031d96cd01652a87.dll

Resource

win10v2004-20241007-en

gh0strat discovery rat

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

- Target
  
  63224d27a24571a04a6141f8f565d52a90038fcb79c8d0b4031d96cd01652a87
- Size
  
  899KB
- MD5
  
  9ce65026cbd9ff86df0e7f75439cf452
- SHA1
  
  cb0ea3993020484b702ef388697f9596285aecdc
- SHA256
  
  63224d27a24571a04a6141f8f565d52a90038fcb79c8d0b4031d96cd01652a87
- SHA512
  
  ac80fc06ae67e0a2c19652ae9dc3e74219477de3eed9c7a0ba980bc38446b610842a66c704de4db7f9bca302b38eba0058fe749546d5ff0a234d2c051af40ccf
- SSDEEP
  
  24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXw:7wqd87Vw
Score

10^/10

gh0strat discovery rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Gh0strat family
  gh0strat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gh0stratdiscoveryrat

behavioral2

gh0stratdiscoveryrat

© 2018-2024

Terms | Privacy