General

  • Target

    64d5f74afb3a7af159cf70759f6b103ad5ddf9a2b452d9619534acf316612bb2

  • Size

    899KB

  • Sample

    240604-3gywfafh78

  • MD5

    fa58ffa9202e1fd2b75a3faf632c3ce7

  • SHA1

    ef935c7866e22aaaa75bebc80919fcd346abe78c

  • SHA256

    64d5f74afb3a7af159cf70759f6b103ad5ddf9a2b452d9619534acf316612bb2

  • SHA512

    d6a5b1f8ab24b89e17875c1cc30050f1af346448e02d45ab25be0c9ce2373edc9ec2474e83480a71906d5123f6d28fe1988848af56c87f9438bc667d0d93123e

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PX+:7wqd87V+

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      64d5f74afb3a7af159cf70759f6b103ad5ddf9a2b452d9619534acf316612bb2

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
