General

  • Target

    475ac229a72cc214d84425a10fac231ddaf5880acc820f8a27691583b64977e7

  • Size

    899KB

  • Sample

    240623-q1dndswfln

  • MD5

    27300fc4ab9e3edd5b35d43325fb8171

  • SHA1

    a5b52a1b1df73ed1f6e43803420c73df6ac1f23c

  • SHA256

    475ac229a72cc214d84425a10fac231ddaf5880acc820f8a27691583b64977e7

  • SHA512

    3e6a7545b3de0f8d4db84f4f273e1bcc7071e7732c8ae8c2106180e6897afdd784af37f1d958fb4c221cbc8d5280513e6794abcde066c86b1aa195e2289df8ba

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXB:7wqd87VB

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
