gh0strat | 557a823606563c552f7a309524a826a8b5b091bcf722597148759d04197bd358 | Triage

Submit
Reports

Overview

overview

Static

static

557a823606...58.dll

windows7-x64

557a823606...58.dll

windows10-2004-x64

Sharing

General

Target

557a823606563c552f7a309524a826a8b5b091bcf722597148759d04197bd358
Size

899KB
Sample

241110-q527jsybmg
MD5

ef0b46f9bc6850c4f1023a8abf68e99f
SHA1

2517a67d2d2dfdb806e9454d2111b9d6a3f286f4
SHA256

557a823606563c552f7a309524a826a8b5b091bcf722597148759d04197bd358
SHA512

d77ce7719752468236522d891b924dad4fb9e03b2ee7bb8f17f68f6ca87382231a7ea83d50fdff41ce200f65ed4f8ee54fa385b7bcc268bc2c1b2ad5d89b7b13
SSDEEP

24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXS:7wqd87VS

Score

10^/10

gh0strat discovery rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

557a823606563c552f7a309524a826a8b5b091bcf722597148759d04197bd358.dll

Resource

win7-20241023-en

gh0strat discovery rat

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

557a823606563c552f7a309524a826a8b5b091bcf722597148759d04197bd358.dll

Resource

win10v2004-20241007-en

gh0strat discovery rat

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

- Target
  
  557a823606563c552f7a309524a826a8b5b091bcf722597148759d04197bd358
- Size
  
  899KB
- MD5
  
  ef0b46f9bc6850c4f1023a8abf68e99f
- SHA1
  
  2517a67d2d2dfdb806e9454d2111b9d6a3f286f4
- SHA256
  
  557a823606563c552f7a309524a826a8b5b091bcf722597148759d04197bd358
- SHA512
  
  d77ce7719752468236522d891b924dad4fb9e03b2ee7bb8f17f68f6ca87382231a7ea83d50fdff41ce200f65ed4f8ee54fa385b7bcc268bc2c1b2ad5d89b7b13
- SSDEEP
  
  24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXS:7wqd87VS
Score

10^/10

gh0strat discovery rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Gh0strat family
  gh0strat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gh0stratdiscoveryrat

behavioral2

gh0stratdiscoveryrat

© 2018-2024

Terms | Privacy