General

  • Target

    82981b63523fcea19481a0a6c196c8c8b1dcc4abb43b4d621b5c55d3b6ba0940

  • Size

    899KB

  • Sample

    240612-b2x14axhqj

  • MD5

    a0a3fe05b60086c59f9e119c3551deae

  • SHA1

    7bc1e05a4db47e229998034dfde4a7c0bf1fc1bd

  • SHA256

    82981b63523fcea19481a0a6c196c8c8b1dcc4abb43b4d621b5c55d3b6ba0940

  • SHA512

    0e1bb8ec5ec041e16e491bf96b7dc7395739b8ec7dbc83f93851f9e15c5c4a4fac375307c2b06a896ec919cbfea1d234269386890d93696a7483b3c635ddd4a4

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXP:7wqd87VP

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
