General

  • Target

    f16ccba13991f511837b8210b32e0a43c1e0dabd08403d358ca8b0e9382610a9

  • Size

    899KB

  • Sample

    240619-3grr5awhnf

  • MD5

    78b824f55c940a919cd5aef4fd1d4fea

  • SHA1

    9786d1c945d3378234a4e78fea71d8955826c961

  • SHA256

    f16ccba13991f511837b8210b32e0a43c1e0dabd08403d358ca8b0e9382610a9

  • SHA512

    6e9123d2131886894cfee2bb3f2c9ee5f4ac1e537f2253c9b82934bc2ed3ddf9a20048d330a99080a9734fa03742a7b99c88f232584f7a7aaf1d60123e8c18ed

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXK:7wqd87VK

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      f16ccba13991f511837b8210b32e0a43c1e0dabd08403d358ca8b0e9382610a9

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
