General

  • Target

    421ba34ba858a792705ae3f08a09a64b36f4befd93ad5edd3053ba18aa5d065a

  • Size

    899KB

  • Sample

    240611-3lg4gswcke

  • MD5

    c6168b20ad1d79c9f8d4a936df1854a3

  • SHA1

    5f70e31c9f3c7f32f383172c2840e426b0cc0a13

  • SHA256

    421ba34ba858a792705ae3f08a09a64b36f4befd93ad5edd3053ba18aa5d065a

  • SHA512

    881c6454db3fdf6457a89690027a3a08ec42f10bc759cd70c37d816f97de35901df1573c1134f906beb6940d71b5c47756f552103a9681ea1adba4d41ca596d5

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXH:7wqd87VH

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      421ba34ba858a792705ae3f08a09a64b36f4befd93ad5edd3053ba18aa5d065a

    • Size

      899KB

    • MD5

      c6168b20ad1d79c9f8d4a936df1854a3

    • SHA1

      5f70e31c9f3c7f32f383172c2840e426b0cc0a13

    • SHA256

      421ba34ba858a792705ae3f08a09a64b36f4befd93ad5edd3053ba18aa5d065a

    • SHA512

      881c6454db3fdf6457a89690027a3a08ec42f10bc759cd70c37d816f97de35901df1573c1134f906beb6940d71b5c47756f552103a9681ea1adba4d41ca596d5

    • SSDEEP

      24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXH:7wqd87VH

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
