General

  • Target

    e1bb1e95567303e029deced69a7f596b906b6df8899a5cc27ad2fded6908c168

  • Size

    899KB

  • Sample

    240612-cyxrlaygkg

  • MD5

    0a9780c1a4056cf308546d02a7f2fd29

  • SHA1

    551a4e179cae336885b1dfa5702c368aa7b015e6

  • SHA256

    e1bb1e95567303e029deced69a7f596b906b6df8899a5cc27ad2fded6908c168

  • SHA512

    ad9104a627b74e92df513580819bdeac6000cb705c0f5e1852e9e3c969a3c792a4eeb636af81856659b1a848acb228aabe9e3eddca6eb9f98ff21091af004705

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXR:7wqd87VR

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      e1bb1e95567303e029deced69a7f596b906b6df8899a5cc27ad2fded6908c168

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
