General

  • Target

    bef37ead7e2d5ee3c382944e45da978bb531f9f03626daddaf1e680be3c78e4e

  • Size

    899KB

  • Sample

    240428-x3cbnsfc91

  • MD5

    089bec5a3d2b782471adcbcbe03f3f74

  • SHA1

    7104912171ce0580a71171851c790dfb4d5053de

  • SHA256

    bef37ead7e2d5ee3c382944e45da978bb531f9f03626daddaf1e680be3c78e4e

  • SHA512

    dbfc1da5f454ac49863ccaf3df19d1f792f68f6d94521e7c533d3ba9d8d3005ce01e785bf7d12b846b69d3079506e61702a0a97ea7df4ebccc149202fa8a9e27

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXw:7wqd87Vw

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

honchengkeji.f3322.net

Targets

    • Target

      bef37ead7e2d5ee3c382944e45da978bb531f9f03626daddaf1e680be3c78e4e

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
