General

  • Target

    b0c64701853699ac2f3175d29341c3cd83f3e4e75352600e79e797325c8c2d28

  • Size

    50KB

  • Sample

    240428-x2afpafc6x

  • MD5

    323c9d2ecd14503c1bebddeb1808c0f8

  • SHA1

    819a7c91c1129a0fed4df76f7246801add40f4fb

  • SHA256

    b0c64701853699ac2f3175d29341c3cd83f3e4e75352600e79e797325c8c2d28

  • SHA512

    e358e9e2ab20dbc53cf0b8df006bd7f2e82406a6abb8a54f97aec45d58ce561447812b313c3a148f0c12f40715d275e3abb07f6bbf6c5c1635b0e39059d427d3

  • SSDEEP

    1536:WD1N4TeeWMWfPbp2WTrW9L3JPPgJ+o5RJYH:W5ReWjTrW9rNPgYoTJYH

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      b0c64701853699ac2f3175d29341c3cd83f3e4e75352600e79e797325c8c2d28

    • Size

      50KB

    • MD5

      323c9d2ecd14503c1bebddeb1808c0f8

    • SHA1

      819a7c91c1129a0fed4df76f7246801add40f4fb

    • SHA256

      b0c64701853699ac2f3175d29341c3cd83f3e4e75352600e79e797325c8c2d28

    • SHA512

      e358e9e2ab20dbc53cf0b8df006bd7f2e82406a6abb8a54f97aec45d58ce561447812b313c3a148f0c12f40715d275e3abb07f6bbf6c5c1635b0e39059d427d3

    • SSDEEP

      1536:WD1N4TeeWMWfPbp2WTrW9L3JPPgJ+o5RJYH:W5ReWjTrW9rNPgYoTJYH

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks