General

  • Target

    69781dd6ba6d28c616a807ebeea969735995f7acb852b7c7b59a0a24154cc275

  • Size

    899KB

  • Sample

    240427-h4ytqsdf82

  • MD5

    18b46fbb3f11bd854f5dba4a0ad2d252

  • SHA1

    64de3a8f33652331faac77de885caec1545808b9

  • SHA256

    69781dd6ba6d28c616a807ebeea969735995f7acb852b7c7b59a0a24154cc275

  • SHA512

    5ca3c22f48d3fffb5495ef8f1fbfb4b1ceac8fabd94eba17541baf2458d7cd50ff3d907e934b09c71f412c582ccbf313f9a392442e9f69081c8e6d55445dbc38

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXv:7wqd87Vv

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public, and it has been used by multiple Chinese groups.
