General

  • Target

    aa4da4052c9fde7d950395975342a554c9eb9f96f7cf8e0f595fa633d7131587

  • Size

    899KB

  • Sample

    240605-atbmfsge6t

  • MD5

    b6a79957c384a494023e50f4daf9ddec

  • SHA1

    f4f5d5c65281af3b9e007691151d7eb6e41bf113

  • SHA256

    aa4da4052c9fde7d950395975342a554c9eb9f96f7cf8e0f595fa633d7131587

  • SHA512

    55c3933aed52453b8d3c1cecefdeb7d84eb118c5de1012416bfd67f48a83af66fe97ea953571a7dba1d6fac9a5114798c8369fc62a0d0823898e8435c5a1b4c0

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXC:7wqd87VC

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      aa4da4052c9fde7d950395975342a554c9eb9f96f7cf8e0f595fa633d7131587

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
