General

  • Target

    9cb8114830ca03820f1bec2857b769a6609c6527bcd692df3bb2bc96cd98a6b4

  • Size

    899KB

  • Sample

    240429-wxnl3she7s

  • MD5

    8f57a4415d91a64c40fcb4f2d56552b3

  • SHA1

    1e93bf5f6606c6adf11cd5555d6e9ce954e6ad1b

  • SHA256

    9cb8114830ca03820f1bec2857b769a6609c6527bcd692df3bb2bc96cd98a6b4

  • SHA512

    7a19da64e45ecb46a83e790180f43b543d5c0be55632fdc2e669d9baf020d65fc76883e0eaeccf21998f22bc0034f9b07234ebfd8a349a9ff2d146e4f259c190

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXt:7wqd87Vt

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
