gh0strat | 8dda0462ba2855649111dfb7080eb1f44fe6099e3a7ff08bd0f41f1507dd77d8 | Triage

Submit
Reports

Overview

overview

Static

static

1

8dda0462ba...d8.exe

windows7-x64

3

8dda0462ba...d8.exe

windows10-2004-x64

Sharing

General

Target

8dda0462ba2855649111dfb7080eb1f44fe6099e3a7ff08bd0f41f1507dd77d8
Size

1.1MB
Sample

250307-jajy6awvaz
MD5

52331fcae695c202825a82bf4208512f
SHA1

3a6a44be269f6bbd6873ea83b5e260d5197b83f6
SHA256

8dda0462ba2855649111dfb7080eb1f44fe6099e3a7ff08bd0f41f1507dd77d8
SHA512

10df83a34a210d2a4ea3133b2558c52b17a69144ccb7e28ff22a6394b476f0dfc2fe741c19f3cf253f23b96df4df3a2230b1115d2c7c3e8022621461e0a8872a
SSDEEP

12288:B62zeB/vtDBrhOGd9X8WoKxD/g7YRbKMIvsexW4YxsHq6ZpVwBSP3+Itfm:reZVDBdxLiEF2vfxvS6ZpVwBI+L

Score

10^/10

gh0strat discovery rat

Static task

static1

Behavioral task

behavioral1

Sample

8dda0462ba2855649111dfb7080eb1f44fe6099e3a7ff08bd0f41f1507dd77d8.exe

Resource

win7-20240729-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

8dda0462ba2855649111dfb7080eb1f44fe6099e3a7ff08bd0f41f1507dd77d8.exe

Resource

win10v2004-20250217-en

gh0strat discovery rat

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  8dda0462ba2855649111dfb7080eb1f44fe6099e3a7ff08bd0f41f1507dd77d8
- Size
  
  1.1MB
- MD5
  
  52331fcae695c202825a82bf4208512f
- SHA1
  
  3a6a44be269f6bbd6873ea83b5e260d5197b83f6
- SHA256
  
  8dda0462ba2855649111dfb7080eb1f44fe6099e3a7ff08bd0f41f1507dd77d8
- SHA512
  
  10df83a34a210d2a4ea3133b2558c52b17a69144ccb7e28ff22a6394b476f0dfc2fe741c19f3cf253f23b96df4df3a2230b1115d2c7c3e8022621461e0a8872a
- SSDEEP
  
  12288:B62zeB/vtDBrhOGd9X8WoKxD/g7YRbKMIvsexW4YxsHq6ZpVwBSP3+Itfm:reZVDBdxLiEF2vfxvS6ZpVwBI+L
Score

10^/10

discovery gh0strat rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Gh0strat family
  gh0strat
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

gh0stratdiscoveryrat

© 2018-2025

Terms | Privacy