gh0strat | 130626014d9c76c7ab0fbfcc5f376dd517a3195cf3d880b1ab4a4da197941e88 | Triage

Submit
Reports

Overview

overview

Static

static

130626014d...88.dll

windows7-x64

130626014d...88.dll

windows10-2004-x64

Sharing

General

Target

130626014d9c76c7ab0fbfcc5f376dd517a3195cf3d880b1ab4a4da197941e88
Size

899KB
Sample

241120-detfhazdmq
MD5

cd42d1a9beeea0a713340bd1344071e2
SHA1

45d46b7b7791e54aa19448855818b6b12f33eadb
SHA256

130626014d9c76c7ab0fbfcc5f376dd517a3195cf3d880b1ab4a4da197941e88
SHA512

99b4f0a72c01b2bb13301a39415bc44db34c1aea9a1581ee381af7822c05785cbf5acd83cb2f8fae8a58e77f3470cdc0b92f94e42364451a4e9d1d9cd5438daa
SSDEEP

24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXv:7wqd87Vv

Score

10^/10

gh0strat discovery rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

130626014d9c76c7ab0fbfcc5f376dd517a3195cf3d880b1ab4a4da197941e88.dll

Resource

win7-20241010-en

gh0strat discovery rat

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

130626014d9c76c7ab0fbfcc5f376dd517a3195cf3d880b1ab4a4da197941e88.dll

Resource

win10v2004-20241007-en

gh0strat discovery rat

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

- Target
  
  130626014d9c76c7ab0fbfcc5f376dd517a3195cf3d880b1ab4a4da197941e88
- Size
  
  899KB
- MD5
  
  cd42d1a9beeea0a713340bd1344071e2
- SHA1
  
  45d46b7b7791e54aa19448855818b6b12f33eadb
- SHA256
  
  130626014d9c76c7ab0fbfcc5f376dd517a3195cf3d880b1ab4a4da197941e88
- SHA512
  
  99b4f0a72c01b2bb13301a39415bc44db34c1aea9a1581ee381af7822c05785cbf5acd83cb2f8fae8a58e77f3470cdc0b92f94e42364451a4e9d1d9cd5438daa
- SSDEEP
  
  24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXv:7wqd87Vv
Score

10^/10

gh0strat discovery rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Gh0strat family
  gh0strat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gh0stratdiscoveryrat

behavioral2

gh0stratdiscoveryrat

© 2018-2025

Terms | Privacy