General

  • Target

    2c156cb0f439ed223e61e3000b5c36582a99dfe32e620dce95d2e847793eff56

  • Size

    899KB

  • Sample

    240604-3gy67sfb3v

  • MD5

    a3a04091b7ec4fd5b2c8b292e74725f6

  • SHA1

    bff4d258c2ee862ca855f3d5f53ad3027c829400

  • SHA256

    2c156cb0f439ed223e61e3000b5c36582a99dfe32e620dce95d2e847793eff56

  • SHA512

    4623db98ea59c53bb655fef68509565d8a54d9f3d95e0ec98697b198794bb8fecc6c61e3737b1db07f89a48dd6e31c402cd933389f6739f84277e390eed4e449

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXA:7wqd87VA

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      2c156cb0f439ed223e61e3000b5c36582a99dfe32e620dce95d2e847793eff56

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
