General

  • Target

    25c1516c009ce64e3de42135be33ee487515a820b83c94ebe93a3c8156e2ce01

  • Size

    899KB

  • Sample

    240603-ps3f4sfh86

  • MD5

    d1b4d3d717adac7765794f8e6507eda1

  • SHA1

    4168abbb0233408852af34a44b68b373480e04a4

  • SHA256

    25c1516c009ce64e3de42135be33ee487515a820b83c94ebe93a3c8156e2ce01

  • SHA512

    47ee60877f927f54346949ff3d4816e73a091ead1d14b5a358a2a797841bbb7c1f82c3b83266b728aed46425ae1afdd451525ab3305bca8c29d2f08ea377dc28

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXU:7wqd87VU

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
