General

  • Target

    c366f0305cf44c8796e6c1e5f57d030a7ee82b3703af06c5989dddfd058c29ee

  • Size

    899KB

  • Sample

    240603-nqxx6sed36

  • MD5

    b36df9be444a46a3702a4ed6a7469e5a

  • SHA1

    c30a8e4902bb45bd1e94b3f0c8268ab616a14376

  • SHA256

    c366f0305cf44c8796e6c1e5f57d030a7ee82b3703af06c5989dddfd058c29ee

  • SHA512

    d4145862e9d7688225a51a903e6d6cf64bf94fa658fb70a1f942a2cbebc1e3acf2e0060c74cb4fe1c6ba61271f365c8498a5ac97eac7ea374667c251ee4f4422

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXm:7wqd87Vm

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      c366f0305cf44c8796e6c1e5f57d030a7ee82b3703af06c5989dddfd058c29ee

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks