General

  • Target

    a0a7f32f7d7dfb2e45da2c0e799b12199f28996ae7f7792d866d3ef542a4fd6e

  • Size

    899KB

  • Sample

    240427-292blaba5y

  • MD5

    57033d803e2fa81709e57c87620d620d

  • SHA1

    157c2de73d7bc5b24e93cc072e5a9fbc4811b498

  • SHA256

    a0a7f32f7d7dfb2e45da2c0e799b12199f28996ae7f7792d866d3ef542a4fd6e

  • SHA512

    d21b43729f338e203a480353f877984b3522dbd4925ab0f9e01f82a4fce1f15417e1a3b58a2abbf92dfedce498cc16d64c4268f5bb4808ff3821eea01120408d

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXO:7wqd87VO

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
