General

  • Target

    b4f535c6ae72d33c83662f260b1c4f89313fba939a4d4c6f8c7c89f121d5c486

  • Size

    899KB

  • Sample

    240603-ps4deafh87

  • MD5

    f0471f79fa753bb4ca36f7e2c91a73a8

  • SHA1

    bef5d6ee9b6c781b8e0d35fc7311ab609e1f4014

  • SHA256

    b4f535c6ae72d33c83662f260b1c4f89313fba939a4d4c6f8c7c89f121d5c486

  • SHA512

    4aadf83fb89c92c4e3ffb0ee3d50fcfcf27734d93f3aff961d56150a88d1a8948bfbd1bbe65911ff1d0d78b5cfc7d8ad98bcfd27993ae2ac17fa7589ad2e23a1

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXq:7wqd87Vq

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public, and it has been used by multiple Chinese groups.
