gh0strat | cd7ed6b613518fb375e81ee4430e7876d434fff6e23b27220fc64ec9037daf2a | Triage

Submit
Reports

Overview

overview

Static

static

cd7ed6b613...2a.dll

windows7-x64

cd7ed6b613...2a.dll

windows10-2004-x64

Sharing

General

Target

cd7ed6b613518fb375e81ee4430e7876d434fff6e23b27220fc64ec9037daf2a
Size

49KB
Sample

250304-dk3w5aykx2
MD5

a8b20ad06d6bdf89e6a36b559dae80c1
SHA1

70f6777e1cd9dcb15baddbd2fc4d30326da71eb0
SHA256

cd7ed6b613518fb375e81ee4430e7876d434fff6e23b27220fc64ec9037daf2a
SHA512

6675fab82852a7ee70cc25fa2cc847ab3b39bb9143b48042773a9c91b29d6771a3644de2bc529ba2dffc1abc4a39c8a3b89480e86327a3b5813530d75d30e080
SSDEEP

1536:CDwMsml26T5zBj+alf1H9jfbyqkY4ZvoDUb/gJOxJYHB9ElHS:Cn7zBjPp1H9ovoDa/gJuJYHBWZS

Score

10^/10

gh0strat discovery rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

cd7ed6b613518fb375e81ee4430e7876d434fff6e23b27220fc64ec9037daf2a.dll

Resource

win7-20241010-en

gh0strat discovery rat

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

cd7ed6b613518fb375e81ee4430e7876d434fff6e23b27220fc64ec9037daf2a.dll

Resource

win10v2004-20250217-en

gh0strat discovery rat

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

gh0strat

C2

cf1549064127.f3322.net

Targets

- Target
  
  cd7ed6b613518fb375e81ee4430e7876d434fff6e23b27220fc64ec9037daf2a
- Size
  
  49KB
- MD5
  
  a8b20ad06d6bdf89e6a36b559dae80c1
- SHA1
  
  70f6777e1cd9dcb15baddbd2fc4d30326da71eb0
- SHA256
  
  cd7ed6b613518fb375e81ee4430e7876d434fff6e23b27220fc64ec9037daf2a
- SHA512
  
  6675fab82852a7ee70cc25fa2cc847ab3b39bb9143b48042773a9c91b29d6771a3644de2bc529ba2dffc1abc4a39c8a3b89480e86327a3b5813530d75d30e080
- SSDEEP
  
  1536:CDwMsml26T5zBj+alf1H9jfbyqkY4ZvoDUb/gJOxJYHB9ElHS:Cn7zBjPp1H9ovoDa/gJuJYHBWZS
Score

10^/10

gh0strat discovery rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Gh0strat family
  gh0strat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gh0stratdiscoveryrat

behavioral2

gh0stratdiscoveryrat

© 2018-2025

Terms | Privacy