General

  • Target

    64fe5e106035211b4f48597e82c36aef1d02396f3b4725db7d47a96fd710dea0

  • Size

    50KB

  • Sample

    240427-ww9g6adh24

  • MD5

    1624263d135e6fb42bb648820fb9f0b1

  • SHA1

    5fbc41d17c44e4ed76625abbb5cb0e474321b590

  • SHA256

    64fe5e106035211b4f48597e82c36aef1d02396f3b4725db7d47a96fd710dea0

  • SHA512

    4c2bb240df6772a2c6daf6468457c3dd9f84cd130a6744a98f2f2293fe9d4dd1cd1d4e12d7924e681209d88971c84a23e775fc3459d5cefda612825f5b08cc07

  • SSDEEP

    1536:WD1N4TeeWMWfPbp2WTrW9L3JPPgJ+o5rJYH:W5ReWjTrW9rNPgYoVJYH

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      64fe5e106035211b4f48597e82c36aef1d02396f3b4725db7d47a96fd710dea0

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
