General

  • Target

    5a2fcfa7c12a84f4058fcc78a6ddef7c2796de36a4e508b7c627adae7c10ccbb

  • Size

    899KB

  • Sample

    240604-ha3wlagc2s

  • MD5

    43b75ba6a359c108ad6c0e1dbec6532d

  • SHA1

    0a351174033b4a7e91f92a61a51a5ec75277f9a1

  • SHA256

    5a2fcfa7c12a84f4058fcc78a6ddef7c2796de36a4e508b7c627adae7c10ccbb

  • SHA512

    fa2eee70943322eb4220266c1ac7266c10e32244884e7c84adb95b28631a5deb140c6b9e4d651597a735a4b5cc906c3de0a748cf679e9b7e406f7a37418f77a3

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PX8:7wqd87V8

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
