General

  • Target

    20de652b3d0c1e5e3ebc4b3a020ce6e18af50e6d35ff220f6e27db6b9f1da42a

  • Size

    899KB

  • Sample

    240623-2nd9yawbne

  • MD5

    a9f136d8050337b79e1b970229b56079

  • SHA1

    8c974d7eed35cf465240137a71b1a1bb086e9508

  • SHA256

    20de652b3d0c1e5e3ebc4b3a020ce6e18af50e6d35ff220f6e27db6b9f1da42a

  • SHA512

    608c40f2fee0fb5e8cb1196691e5b24c1b9cb324670f1cca3822d8884ee9c845904cb9dae443dfef1c6cc4cb23cd76846c80ac587aeaa48b6bf780ec9b1db8cb

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXj:7wqd87Vj

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
