General

  • Target

    126ab67d6ec6c79eb86903a7c7d8cbd29c0c80497ab1bb6e59dc31dab6137095

  • Size

    899KB

  • Sample

    240619-2h1wravdqb

  • MD5

    c1bcf13b2a01e7c2dc5777329278f319

  • SHA1

    e25ebcae71381411fd4253462a2b4c04f5f2a58f

  • SHA256

    126ab67d6ec6c79eb86903a7c7d8cbd29c0c80497ab1bb6e59dc31dab6137095

  • SHA512

    f6aeff862f26821ddd8e95b07743c66bee64787030decd65f313508facda9092aa740bc5a289e40693b232b84ca294a338adab064a08f69256493ef935d94f17

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXM:7wqd87VM

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      126ab67d6ec6c79eb86903a7c7d8cbd29c0c80497ab1bb6e59dc31dab6137095

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public, and it has been used by multiple Chinese groups.
