General

  • Target

    fe3a612b7550f2207ebec80c3eb04d6ce6718c1c58d88559fa83592b554ace5a

  • Size

    50KB

  • Sample

    240428-xzwwxafc3s

  • MD5

    fd67bc4ae95014ba70e0fa38d2b77df4

  • SHA1

    85871a03bae6b70feb0bd2c4fa3ae62177750abf

  • SHA256

    fe3a612b7550f2207ebec80c3eb04d6ce6718c1c58d88559fa83592b554ace5a

  • SHA512

    deb674c37549685246fd6c7e13f0cc54dc8c52d9fcb3ffe23b569b69835cf632ad79c0782d691b2e21ea4acc28b1a8e667a9181c121013adc475b66742413546

  • SSDEEP

    1536:WD1N4TeeWMWfPbp2WTrW9L3JPPgJ+o5FJYH:W5ReWjTrW9rNPgYoPJYH

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      fe3a612b7550f2207ebec80c3eb04d6ce6718c1c58d88559fa83592b554ace5a

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
