General

  • Target

    e73b368fc5429448cf1cb0403e3431820640f19516feebd7d818b381952c42fd

  • Size

    899KB

  • Sample

    240612-bwnkgaxfqq

  • MD5

    a9540ff7392b8068be132f4e3a0fc979

  • SHA1

    00ea325c864e9c67271c22b78f3abaf7ecb280b3

  • SHA256

    e73b368fc5429448cf1cb0403e3431820640f19516feebd7d818b381952c42fd

  • SHA512

    7421a36a5367e4cff820584a869ee39781db6e2baafa1e8a663f9f410beadc588d0190e7d103fd19b9f9e2eb2c427ad6b74e5f35d538ee95641a43d9d1be8bf9

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXB:7wqd87VB

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
