General

  • Target

    5f13777a65fed1757d1be95bd82af6d1362313874f2aad1d5d0dae08be2aad3b

  • Size

    899KB

  • Sample

    240427-z3rsgaha2t

  • MD5

    c0558e2c0e85319f58cb9d57300527eb

  • SHA1

    59152f42afa5688d5b7e0f8ee9a66057b02014df

  • SHA256

    5f13777a65fed1757d1be95bd82af6d1362313874f2aad1d5d0dae08be2aad3b

  • SHA512

    95aefd2540077e42ccf5bd5f50781eb067c53b3c1b9323d1323a451fc690ba63a7a88b74aa3ee8d7013cc5de45bff45126e20e4ab0d17417a6cd3e22fa46dcbb

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXM:7wqd87VM

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      5f13777a65fed1757d1be95bd82af6d1362313874f2aad1d5d0dae08be2aad3b

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
