General

  • Target

    b4d7762a1beee8bedb2df1130fb9f42b254e4888d90fb26a77a3ab2fa38abb51

  • Size

    899KB

  • Sample

    240603-mqq9ysch56

  • MD5

    3aa293640150e33b56c080e267117f49

  • SHA1

    ba9fae9f256894fad7b0f495664ec7283b27e484

  • SHA256

    b4d7762a1beee8bedb2df1130fb9f42b254e4888d90fb26a77a3ab2fa38abb51

  • SHA512

    7cf18bec9387be69f0044c296187ad5912f7dcf48d7f64b2d94a70bf5a2ec47c1384d9b9d083dae909f08b0b47962e2926db9a4b5adbd2193be6c48e210a40b6

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXp:7wqd87Vp

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
