General
-
Target
cb17aa3019cf3f9e3532cf8c1acb33a42cdd61ac37c0da54c49a48f8b68a05be
-
Size
899KB
-
Sample
240526-dg573sdc37
-
MD5
1ad0fb3b82f45cd954a77e1045b4d550
-
SHA1
6c8d40f62846bd7d8f92c9059653c8607b50f5b2
-
SHA256
cb17aa3019cf3f9e3532cf8c1acb33a42cdd61ac37c0da54c49a48f8b68a05be
-
SHA512
4b4a9af7351e18ad858c4447015e9cf725854d5820d5cb0f18011111af0ed899f735c4dc22cdec8b6f1506d86bef64d2166ba2ae4ff29981f32ea0f80444d171
-
SSDEEP
24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXJ:7wqd87VJ
Malware Config
Extracted
gh0strat
hackerinvasion.f3322.net
Targets
-
-
Target
cb17aa3019cf3f9e3532cf8c1acb33a42cdd61ac37c0da54c49a48f8b68a05be
-
Size
899KB
-
MD5
1ad0fb3b82f45cd954a77e1045b4d550
-
SHA1
6c8d40f62846bd7d8f92c9059653c8607b50f5b2
-
SHA256
cb17aa3019cf3f9e3532cf8c1acb33a42cdd61ac37c0da54c49a48f8b68a05be
-
SHA512
4b4a9af7351e18ad858c4447015e9cf725854d5820d5cb0f18011111af0ed899f735c4dc22cdec8b6f1506d86bef64d2166ba2ae4ff29981f32ea0f80444d171
-
SSDEEP
24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXJ:7wqd87VJ
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-