General

  • Target

    a423dce2a0f78a467a6eaede9b53b97ce40ff55ddfa1314545c4bf836c90198a

  • Size

    899KB

  • Sample

    241110-hh5eds1hlk

  • MD5

    4c80712dbddbca07474e10d87d425b53

  • SHA1

    6314f7d879ec3880335d2759018ae695676bd981

  • SHA256

    a423dce2a0f78a467a6eaede9b53b97ce40ff55ddfa1314545c4bf836c90198a

  • SHA512

    6c808931e3a56bda0847dab83d3a436eca4c516b32c0b7a474fe15e9f7398fb5c00748fc3b86ffdd900d1149b219ff4affe667a5158891e762f56ee3fffaaac4

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXD:7wqd87VD

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      a423dce2a0f78a467a6eaede9b53b97ce40ff55ddfa1314545c4bf836c90198a

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks