General

  • Target

    3da822c58f372b3b74e507c1e397643f5fe8d2e4e42627edbfe2a50b84c4918d

  • Size

    899KB

  • Sample

    240623-waqsxs1hqm

  • MD5

    e45c9bc9c0a4decababfb0c8f3f6dc9d

  • SHA1

    ded3beeea5e6637ae13629e0acca991e46df9d6c

  • SHA256

    3da822c58f372b3b74e507c1e397643f5fe8d2e4e42627edbfe2a50b84c4918d

  • SHA512

    cc6d6295dc3f2aaaee1b0626b2a0cec668047e52f1b92a98a10ae3a8e02c70b60ea56b0c2bbe5c8f1c0df4caaeaf6d5028b71ddb60ba08f2c0c660e74d4fa426

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXp:7wqd87Vp

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
