General

  • Target

    dd13e891dba32263168a393d0a8538e1b10f939412567824ca5003eacc24ce0f

  • Size

    899KB

  • Sample

    250630-f5plcahm2x

  • MD5

    bcd40b063706d1eff3f30f8015032534

  • SHA1

    a247778dddc6edd4febc168fbcade86652757a6f

  • SHA256

    dd13e891dba32263168a393d0a8538e1b10f939412567824ca5003eacc24ce0f

  • SHA512

    a44f542fd487d1e4a41b15bd6a92684b68f3a1c57dc3e54fffe2a40b772321ee3fbe23d6676f55abd9b1054c6a337eb098b098b2c22db8cc2fac1605f01c589d

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXJ:7wqd87VJ

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      dd13e891dba32263168a393d0a8538e1b10f939412567824ca5003eacc24ce0f

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v16

Tasks
