General

  • Target

    279d436fef9e10c5228ba97ee4f21a5320b34e3ed1380d5f49c57a6026300d61

  • Size

    899KB

  • Sample

    240623-wchkbssakl

  • MD5

    e2a36b28dbae109c3ac4019db0e4d447

  • SHA1

    547c0a1bded6a986353313f549c90ec26ae86598

  • SHA256

    279d436fef9e10c5228ba97ee4f21a5320b34e3ed1380d5f49c57a6026300d61

  • SHA512

    c47590d6621632f8f154a5e0916cb638606126c8a5b8ecb2ed6109da9a52a57e8a5f56a0930f0f1f49f5a01781369f629081591ec4ab4f7fc4c68b5df381e906

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXX:7wqd87VX

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
