General

  • Target

    ee64dc71ca8ab01bee7a26d8b56f0c7ca3333f259926bcc37106d4622b1939f7

  • Size

    50KB

  • Sample

    240630-3fagfssdjk

  • MD5

    124547762d06a6421b71ce4a2f27d303

  • SHA1

    29aa8d057109ca9a5601a679d3019008828eca8f

  • SHA256

    ee64dc71ca8ab01bee7a26d8b56f0c7ca3333f259926bcc37106d4622b1939f7

  • SHA512

    a912e8ab43206ecc238fe9cc1c9ffc68a27a3bd78c801076b8b9aeeb772b5cd7dbeeb8f2493d891f706f28e828c932d6cf55895db4691765513043554f70c982

  • SSDEEP

    1536:WD1N4TeeWMWfPbp2WTrW9L3JPPgJ+o5NJYH:W5ReWjTrW9rNPgYoPJYH

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
