General

  • Target

    d79ef1b78ce24656b63a649ffdbe5cf6b68c09b4396de844c6d7da6ba1037e64

  • Size

    899KB

  • Sample

    240604-hcn58agg82

  • MD5

    8f0dd028baba1bda1fe5fb49ea56bb63

  • SHA1

    2b558f7565bf6a26e613e707e07bc014e18540b4

  • SHA256

    d79ef1b78ce24656b63a649ffdbe5cf6b68c09b4396de844c6d7da6ba1037e64

  • SHA512

    f92b2982b87b004dea9e8d69781b021a8510c4813f1674d6e2f8211fd4ba07cab82144a9c7fbbd2251f3bdf10406170e393aab9c0c4dc8223fe073d49e7c1eb9

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXV:7wqd87VV

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
