General

  • Target

    6917585c6a38160493ebecbd69c908d49b50c7b7fcd287d551457dde55136210N.exe

  • Size

    371KB

  • Sample

    241230-qn6teaymft

  • MD5

    a73535df718390bcd571c8504dfabc30

  • SHA1

    8d18ff801e8b64d6057a86d0e0acea1bbaefc4bd

  • SHA256

    6917585c6a38160493ebecbd69c908d49b50c7b7fcd287d551457dde55136210

  • SHA512

    fbe9a5ec707f68f50555076fb1d766b36668e4261cb11f10a44c3cb41c9a81ff57f388c11c5656dd1cc43780128ee56ce36749a89007de1a0018ef52ee4af095

  • SSDEEP

    3072:v3aKSkbDv3mHJc7a19CvePviOBtfFnNHHqPL54HdotoQupTb16NJuB/DESaTbf32:f/bDv3Uc++qFZHG2X16jADG31uYZn5E

Targets

    • Target

      6917585c6a38160493ebecbd69c908d49b50c7b7fcd287d551457dde55136210N.exe

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
